Skip to main content
CVE-2025-1525 LOW POC Monitor

The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Ultimate Dashboard PHP
NVD WPScan
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-1524 LOW POC Monitor

The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Ultimate Dashboard PHP
NVD WPScan
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-1523 LOW POC Monitor

The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Ultimate Dashboard PHP
NVD WPScan
CVSS 3.1
3.5
EPSS
0.2%
CVE-2024-11924 LOW POC Monitor

The Icegram Express formerly known as Email Subscribers WordPress plugin before 5.7.52 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Icegram Express
NVD WPScan
CVSS 3.1
3.5
EPSS
0.2%
CVE-2025-26268 LOW POC PATCH Monitor

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Redis Dragonfly
NVD GitHub
CVSS 3.1
3.3
EPSS
0.2%
CVE-2025-26269 LOW POC PATCH Monitor

DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Dragonfly
NVD GitHub
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-43708 LOW POC Monitor

VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Visicut
NVD GitHub
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-32415 LOW POC Monitor

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Libxml2
NVD
CVSS 3.1
2.9
EPSS
0.1%
CVE-2021-47671 LOW PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-26478 LOW Monitor

Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. Rated low severity (CVSS 3.1), this vulnerability is no authentication required. No vendor patch available.

Dell Information Disclosure Elastic Cloud Storage Objectscale
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2024-42177 LOW Monitor

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Dryice Myxalytics
NVD
CVSS 3.1
2.6
EPSS
0.1%
CVE-2024-42178 LOW Monitor

HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.

Authentication Bypass Dryice Myxalytics
NVD
CVSS 3.1
2.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy