Skip to main content
CVE-2025-48481 MEDIUM POC This Month

FreeScout is a free self-hosted help desk and shared mailbox. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
6.1
EPSS
0.1%
CVE-2025-48480 HIGH POC This Month

FreeScout is a free self-hosted help desk and shared mailbox. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-48479 HIGH POC This Week

FreeScout is a free self-hosted help desk and shared mailbox. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-48478 HIGH POC PATCH This Month

FreeScout is a free self-hosted help desk and shared mailbox. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
7.0
EPSS
0.1%
CVE-2025-48477 HIGH POC This Month

FreeScout is a free self-hosted help desk and shared mailbox. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-48476 HIGH POC This Month

FreeScout is a free self-hosted help desk and shared mailbox. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Freescout
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2025-48491 LOW Monitor

Project AI is a platform designed to create AI agents. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 4.0
2.7
EPSS
0.8%
CVE-2025-48381 MEDIUM PATCH This Month

Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Computer Vision Annotation Tool
NVD GitHub
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-48068 LOW PATCH Monitor

Next.js is a React framework for building full-stack web applications. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Node.js Next.js Vercel
NVD GitHub
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-47952 LOW PATCH Monitor

Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Traefik
NVD GitHub
CVSS 4.0
2.9
EPSS
0.4%
CVE-2025-44906 HIGH POC This Month

jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Jhead Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-44905 HIGH POC PATCH This Week

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Hdf5 Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-44904 HIGH POC PATCH This Week

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Hdf5 Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-44614 HIGH This Month

Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wifi Lock Controller V1 Rf Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-44612 MEDIUM This Month

Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possibly intercept and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Wifi Lock Controller V1 Rf Firmware
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2024-12224 MEDIUM POC PATCH This Month

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Idna Red Hat Suse
NVD
CVSS 4.0
5.1
EPSS
0.2%
CVE-2025-46352 CRITICAL This Week

The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
9.3
EPSS
0.3%
CVE-2025-41438 CRITICAL This Week

The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
9.3
EPSS
0.5%
CVE-2025-1907 CRITICAL This Week

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 4.0
9.3
EPSS
0.4%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy