Skip to main content
CVE-2024-6029 MEDIUM This Month

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Model S Firmware
NVD
CVSS 3.0
5.0
EPSS
0.1%
CVE-2025-32376 MEDIUM PATCH This Month

Discourse is an open-source discussion platform. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Discourse
NVD GitHub
CVSS 4.0
4.8
EPSS
0.2%
CVE-2022-42449 MEDIUM This Month

Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Domino Leap
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-27562 MEDIUM This Month

Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Domino Leap
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-42450 MEDIUM This Month

Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Domino Leap
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2025-39413 MEDIUM This Month

Missing Authorization vulnerability in David Gwyer Simple Sitemap - Create a Responsive HTML Sitemap.5.14. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-30146 MEDIUM This Month

Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Domino Leap
NVD
CVSS 3.1
4.1
EPSS
0.1%
CVE-2023-37517 LOW Monitor

Missing "no cache" headers in HCL Leap permits sensitive data to be cached. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Domino Leap
NVD
CVSS 3.1
3.2
EPSS
0.2%
CVE-2025-32972 LOW PATCH Monitor

XWiki is a generic wiki platform. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Xwiki
NVD GitHub
CVSS 3.1
2.7
EPSS
0.1%
CVE-2024-47784 LOW Monitor

Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI1.4 and earlier. Rated low severity (CVSS 2.1). No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-3269 Awaiting Data

Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. No vendor patch available.

Red Hat Information Disclosure
NVD
CVE-2025-2156 Awaiting Data

Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. No vendor patch available.

Red Hat Information Disclosure
NVD
CVE-2025-46782 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-46781 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-46780 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-46779 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-46778 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy