Skip to main content
CVE-2024-10865 CRITICAL This Week

Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication.5. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
9.4
EPSS
0.2%
CVE-2024-10864 HIGH This Month

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

SQLi
NVD
CVSS 4.0
7.5
EPSS
0.2%
CVE-2025-47436 MEDIUM This Month

Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Apache Orc
NVD
CVSS 4.0
6.0
EPSS
0.3%
CVE-2025-22756 Awaiting Data

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD
CVE-2024-54780 HIGH POC PATCH This Week

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Command Injection Code Injection Pfsense Ce Pfsense Plus
NVD
CVSS 3.1
8.8
EPSS
8.1%
CVE-2024-54779 MEDIUM POC This Month

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross Site Scripting (XSS) in widgets/log.widget.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Pfsense Ce Pfsense Plus
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-3931 HIGH PATCH This Month

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-0020 Awaiting Data

Rejected reason: “This CVE ID is Rejected and will not be used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47899 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47898 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47897 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47896 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47895 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47894 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47893 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47892 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
CVE-2025-47891 Awaiting Data

Rejected reason: Not used. No vendor patch available.

Information Disclosure
NVD
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy