Skip to main content
CVE-2025-21584 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-21583 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Snapcenter MySQL +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-21581 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-21580 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-21579 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-30715 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-30705 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-32012 MEDIUM PATCH This Month

Jellyfin is an open source self hosted media server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, no authentication required.

RCE Authentication Bypass Jellyfin
NVD GitHub
CVSS 4.0
4.6
EPSS
1.7%
CVE-2025-3470 MEDIUM This Month

The TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi
NVD
CVSS 3.1
4.9
EPSS
0.2%
CVE-2025-30691 MEDIUM PATCH This Month

Vulnerability in Oracle Java SE (component: Compiler). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Java Graalvm For Jdk Jdk +5
NVD VulDB
CVSS 3.1
4.8
EPSS
0.4%
CVE-2025-30714 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable.

Python Oracle Authentication Bypass Mysql Connectors
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2024-42200 MEDIUM This Month

HCL BigFix Web Reports might be subject to a Stored Cross-Site Scripting (XSS) attack, due to a potentially weak validation of user input. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Bigfix Platform
NVD
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-30704 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2025-26990 MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server Side Request Forgery.7.1006. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

SSRF Elementor
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2025-26955 MEDIUM This Month

Missing Authorization vulnerability in VW Themes Industrial Lite allows Exploiting Incorrectly Configured Access Control Security Levels.0.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-26903 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery.1.4.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-30965 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Cross Site Request Forgery. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-30721 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 4.0). No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2025-32996 MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Red Hat
NVD GitHub
CVSS 3.1
4.0
EPSS
0.2%
CVE-2025-32997 MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Red Hat
NVD GitHub
CVSS 3.1
4.0
EPSS
0.1%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy