Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2025-03-27 CVE-2025-2878 A vulnerability was found in Kentico CMS up to 13.0.178.
network
low complexity
CWE-94
2.4
2.4
2025-03-26 CVE-2025-20233 In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions.
local
high complexity
CWE-732
2.5
2.5
2025-03-26 CVE-2025-1911 The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.5.0.
network
low complexity
CWE-73
2.7
2.7
2025-03-25 CVE-2025-2724 A vulnerability classified as problematic has been found in GNOME libgsf up to 1.14.53.
local
low complexity
CWE-125
3.3
3.3
2025-03-25 CVE-2025-2720 A vulnerability was found in GNOME libgsf up to 1.14.53 and classified as problematic.
local
low complexity
CWE-457
3.3
3.3
2025-03-22 CVE-2025-2617 A vulnerability classified as problematic was found in yangyouwang ??? crud ???????? 1.0.0.
network
low complexity
CWE-94
2.4
2.4
2025-03-22 CVE-2025-1972 The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to, and including, 2.6.2.
network
low complexity
CWE-73
2.7
2.7
2025-03-22 CVE-2025-2616 A vulnerability classified as problematic has been found in yangyouwang ??? crud ???????? 1.0.0.
network
low complexity
CWE-94
2.4
2.4
2025-03-21 CVE-2025-2588 Unspecified vulnerability in Augeas 1.14.1
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic.
local
low complexity
augeas
3.3
3.3
2025-03-21 CVE-2025-27715 Incorrect Authorization vulnerability in Mattermost Server
Mattermost versions 9.11.x <= 9.11.8 fail to prompt for explicit approval before adding a team admin to a private channel, which team admins to joining private channels via crafted permalink links without explicit consent from them.
network
low complexity
mattermost CWE-863
2.7
2.7