Skip to main content
CVE-2025-36134 LOW Monitor

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Sterling B2b Integrator Sterling File Gateway
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-65961 LOW PATCH Monitor

Contao is an Open Source CMS. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Contao
NVD GitHub
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-33198 LOW Monitor

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Dgx Os
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-33199 LOW Monitor

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause incorrect control flow behavior. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Dgx Os
NVD
CVSS 3.1
3.2
EPSS
0.0%
CVE-2025-65942 LOW PATCH Monitor

VictoriaMetrics is a scalable solution for monitoring and managing time series data. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
2.7
EPSS
0.1%
CVE-2025-33200 LOW Monitor

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a resource to be reused. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Nvidia Dgx Os
NVD
CVSS 3.1
2.3
EPSS
0.0%
CVE-2025-13643 LOW Monitor

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Authentication Bypass MongoDB
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-12893 LOW Monitor

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage (EKU) requirements. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Microsoft Information Disclosure MongoDB Windows
NVD
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-62497 LOW Monitor

Cross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Snc Cx600W Firmware
NVD
CVSS 4.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy