Skip to main content
CVE-2025-8889 LOW POC Monitor

The Compress & Upload WordPress plugin before 1.0.5 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Compress And Upload Plugin
NVD WPScan VulDB
CVSS 3.1
3.8
EPSS
0.0%
CVE-2025-10117 LOW POC Monitor

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-8277 LOW Monitor

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Microsoft
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2025-10121 LOW Monitor

A flaw has been found in uverif up to 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10107 LOW Monitor

A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-10122 LOW Monitor

A vulnerability was found in Maccms10 2025.1000.4050. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-5500 LOW Monitor

A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-40803 LOW Monitor

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Ruggedcom Rst2428P Firmware
NVD
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-40802 LOW Monitor

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Ruggedcom Rst2428P Firmware
NVD
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-9111 LOW POC Monitor

The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wpbot PHP
NVD WPScan
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-42927 LOW Monitor

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Java Adobe OpenSSL SAP Information Disclosure
NVD
CVSS 3.1
3.4
EPSS
0.0%
CVE-2025-42914 LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2025-42913 LOW Monitor

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy