Skip to main content
CVE-2025-26477 MEDIUM This Month

Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell RCE Elastic Cloud Storage Objectscale
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2025-2197 MEDIUM This Month

Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Baidu
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-39434 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in Scott Taylor Avatar allows Exploiting Incorrectly Configured Access Control Security Levels.1.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-39453 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce allows Cross Site Request Forgery.9.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-39443 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery.9.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-39438 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-39437 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery.8.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-39426 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in illow illow - Cookies Consent allows Cross Site Request Forgery.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-39425 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in pixelgrade Style Manager allows Cross Site Request Forgery.2.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-42921 MEDIUM This Month

In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Toolbox
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2021-47671 LOW PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-26478 LOW Monitor

Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.

Dell Information Disclosure Elastic Cloud Storage Objectscale
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2024-42177 LOW Monitor

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Dryice Myxalytics
NVD
CVSS 3.1
2.6
EPSS
0.1%
CVE-2024-42178 LOW Monitor

HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.

Authentication Bypass Dryice Myxalytics
NVD
CVSS 3.1
2.5
EPSS
0.2%
Prev Page 7 of 7

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy