Skip to main content
CVE-2025-39498 MEDIUM This Month

Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds (Premium) allows Retrieve Embedded Sensitive Data.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-5212 MEDIUM POC This Week

A vulnerability was found in PHPGurukul Employee Record Management System 1.3. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Record Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5211 MEDIUM POC This Week

A vulnerability was found in PHPGurukul Employee Record Management System 1.3 and classified as critical.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Record Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5210 MEDIUM POC This Week

A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee Record Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5208 MEDIUM POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Online Hospital Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Hospital Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5207 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Client Database Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-5206 MEDIUM POC This Month

A vulnerability classified as critical was found in Pixelimity 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Pixelimity
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-5205 MEDIUM POC This Week

A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Daily College Class Work Report Book
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5204 MEDIUM POC PATCH Monitor

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5203 MEDIUM POC PATCH Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5202 MEDIUM POC PATCH Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5201 MEDIUM POC PATCH Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5200 MEDIUM POC PATCH Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic.cpp. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-46802 MEDIUM PATCH This Month

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-23392 MEDIUM PATCH This Month

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Java Suse
NVD
CVSS 4.0
5.6
EPSS
0.3%
CVE-2025-46803 MEDIUM PATCH This Month

The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Suse
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-37992 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net_sched: Flush gso_skb list too during ->change() Previously, when reducing a qdisc's limit via the ->change() operation, only. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Debian Linux +2
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-46805 MEDIUM PATCH This Month

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD
CVSS 4.0
5.7
EPSS
0.1%
CVE-2025-5186 MEDIUM POC This Month

A vulnerability was found in thinkgem JeeSite up to 5.11.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Jeesite
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-5185 MEDIUM This Month

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-40663 MEDIUM This Month

Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2025-40653 MEDIUM This Month

User enumeration vulnerability in M3M Printer Server Web. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-40652 MEDIUM This Month

Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager booking software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
5.3
EPSS
0.4%
CVE-2025-5184 MEDIUM This Month

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Vacation Rental Management Platform
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-5183 MEDIUM This Month

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Vacation Rental Management Platform
NVD VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-5182 MEDIUM POC This Month

A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vacation Rental Management Platform
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-5181 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Vacation Rental Management Platform
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2025-5179 MEDIUM Monitor

A vulnerability classified as problematic was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Queue Ticket Kiosk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.3%
CVE-2025-5178 MEDIUM This Month

A vulnerability classified as critical has been found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass File Upload Queue Ticket Kiosk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-5177 MEDIUM This Month

A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Queue Ticket Kiosk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2025-4057 MEDIUM PATCH This Month

A flaw was found in ActiveMQ Artemis. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-4053 MEDIUM This Month

The data stored in Be-Tech Mifare Classic card is stored in cleartext. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
6.8
EPSS
0.1%
CVE-2025-1985 MEDIUM This Month

Due to improper neutralization of input during web page generation (XSS) an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-5176 MEDIUM This Month

A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Queue Ticket Kiosk
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-5175 MEDIUM POC PATCH Monitor

A vulnerability was found in erdogant pypickle up to 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Pypickle
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5174 MEDIUM POC PATCH Monitor

A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Deserialization Pypickle
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5173 MEDIUM Monitor

A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Deserialization Label Studio Ml Backend
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-41441 MEDIUM This Month

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mailform Pro Cgi
NVD
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-5172 MEDIUM This Month

A vulnerability, which was classified as critical, was found in Econtrata up to 20250516. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Econtrata
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-5171 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in llisoft MTA Maita Training System 4.5.fileService.download of the file com\llisoft\controller\OpenController.java. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload Mta Maita Training System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-5170 MEDIUM This Month

A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Mta Maita Training System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-5169 MEDIUM POC Monitor

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5168 MEDIUM POC Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5167 MEDIUM POC PATCH Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5166 MEDIUM POC Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5165 MEDIUM POC Monitor

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic.cpp. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Assimp Red Hat
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-5164 MEDIUM POC This Month

A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Perfreeblog
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.3%
CVE-2025-5163 MEDIUM POC This Week

A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Warehouse Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-5162 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass File Upload Seccenter Smp 1114P02
NVD VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-5161 MEDIUM This Month

A vulnerability classified as problematic was found in H3C SecCenter SMP-E1114P02 up to 20250513. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Seccenter Smp 1114P02
NVD VulDB
CVSS 4.0
5.3
EPSS
0.8%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy