Skip to main content
CVE-2025-10327 LOW POC Monitor

A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP
NVD GitHub VulDB Exploit-DB
CVSS 4.0
2.1
EPSS
1.5%
CVE-2025-10326 LOW POC Monitor

A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.3%
CVE-2025-10328 LOW POC Monitor

A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.3%
CVE-2025-10325 LOW POC Monitor

A vulnerability was identified in Wavlink WL-WN578W2 221110. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-10329 LOW POC Monitor

A vulnerability was detected in cdevroe unmark up to 1.9.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-10318 LOW POC Monitor

A vulnerability was identified in JeecgBoot up to 3.8.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-10330 LOW POC Monitor

A flaw has been found in cdevroe unmark up to 1.9.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10274 LOW POC Monitor

A security flaw has been discovered in erjinzhi 10OA 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10273 LOW POC Monitor

A vulnerability was identified in erjinzhi 10OA 1.0. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-10291 LOW Monitor

A weakness has been identified in linlinjava litemall up to 1.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10278 LOW Monitor

A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10277 LOW Monitor

A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10276 LOW Monitor

A security vulnerability has been detected in YunaiV ruoyi-vue-pro up to 2025.09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10275 LOW Monitor

A weakness has been identified in YunaiV yudao-cloud up to 2025.09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10319 LOW Monitor

A security flaw has been discovered in JeecgBoot up to 3.8.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-27238 LOW Monitor

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-10320 LOW Monitor

A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Brute Force Information Disclosure
NVD VulDB
CVSS 4.0
1.3
EPSS
0.0%
CVE-2025-10287 LOW Monitor

A vulnerability has been found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
1.3
EPSS
0.0%
CVE-2025-4234 LOW Monitor

A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Microsoft Information Disclosure
NVD
CVSS 4.0
2.4
EPSS
0.0%
CVE-2025-3650 LOW Monitor

The jQuery Colorbox WordPress plugin through 4.6.3 uses the colorbox library, which does not sanitize title attributes on links before using them, allowing users with at least the contributor role to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP
NVD WPScan
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-43789 LOW PATCH Monitor

JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes. Rated low severity (CVSS 1.0). No vendor patch available.

Authentication Bypass Digital Experience Platform Liferay Portal
NVD
CVSS 4.0
1.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy