Skip to main content
CVE-2025-26955 MEDIUM This Month

Missing Authorization vulnerability in VW Themes Industrial Lite allows Exploiting Incorrectly Configured Access Control Security Levels.0.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-26903 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery.1.4.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-30965 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Cross Site Request Forgery. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-30721 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 4.0). No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2025-32996 MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Red Hat
NVD GitHub
CVSS 3.1
4.0
EPSS
0.2%
CVE-2025-32997 MEDIUM PATCH This Month

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Http Proxy Middleware Red Hat
NVD GitHub
CVSS 3.1
4.0
EPSS
0.1%
CVE-2025-30731 LOW PATCH Monitor

Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite (component: Configuration). Rated low severity (CVSS 3.6), this vulnerability is no authentication required.

Oracle Authentication Bypass Applications Technology Stack
NVD
CVSS 3.1
3.6
EPSS
0.1%
CVE-2025-30700 LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
3.5
EPSS
0.3%
CVE-2025-31494 LOW PATCH Monitor

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Autogpt Platform
NVD GitHub
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-30681 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Oracle Denial Of Service Mysql Cluster Mysql Server MySQL
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2025-30703 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Oracle Authentication Bypass Mysql Server MySQL
NVD
CVSS 3.1
2.7
EPSS
0.2%
CVE-2025-32435 LOW PATCH Monitor

Hydra is a Continuous Integration service for Nix based projects. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

Information Disclosure Code Injection Hydra
NVD GitHub
CVSS 3.1
2.6
EPSS
0.2%
CVE-2024-45712 LOW PATCH Monitor

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Serv U
NVD
CVSS 3.1
2.6
EPSS
0.1%
CVE-2024-42193 LOW Monitor

HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Authentication Bypass Bigfix Platform
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-32941 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32940 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32939 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32938 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32937 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32936 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32935 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32934 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-32933 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
Prev Page 6 of 6

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy