Skip to main content
CVE-2025-49583 LOW POC PATCH Monitor

A security vulnerability in XWiki (CVSS 3.5). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure
NVD GitHub
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-6052 LOW PATCH CISA Monitor

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

Buffer Overflow Integer Overflow
NVD VulDB
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-49597 LOW PATCH Monitor

handcraftedinthealps goodby-csv is a highly memory efficient, flexible and extendable open-source CSV import/export library. Prior to 1.4.3, goodby-csv could be used as part of a chain of methods that is exploitable when an insecure deserialization vulnerability exists in an application. This so-called "gadget chain" presents no direct threat but is a vector that can be used to achieve remote code execution if the application deserializes untrusted data due to another vulnerability. The problem is patched with Version 1.4.3.

Deserialization RCE Tenda
NVD GitHub
CVSS 3.1
3.9
EPSS
2.9%
CVE-2025-4227 LOW PATCH Monitor

An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows certain packets to remain unencrypted instead of being properly secured within the tunnel. An attacker with physical access to the network can inject rogue devices to intercept these packets. Under normal operating conditions, the GlobalProtect app automatically recovers from this interception within one minute.

Paloalto Code Injection
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2024-38823 LOW PATCH Monitor

CVE-2024-38823 is a security vulnerability (CVSS 2.7). Remediation should follow standard vulnerability management procedures.

Information Disclosure Debian Ubuntu
NVD
CVSS 3.1
2.7
EPSS
0.1%
CVE-2024-38822 LOW PATCH Monitor

Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.

Authentication Bypass Debian Ubuntu
NVD
CVSS 3.1
2.7
EPSS
0.1%
CVE-2025-48825 LOW Monitor

A remote code execution vulnerability in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.7.0 (CVSS 2.5) that allows an attacker who can conduct a man-in-the-middle attack. Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.0
2.5
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy