VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-30
CVE-2025-0848
A vulnerability was found in Tenda A18 up to 15.13.07.09.
network
low complexity
CWE-121
6.5
6.5
2025-01-30
CVE-2025-0844
Cross-site Scripting vulnerability in Needyamin Library Card System 1.0
A vulnerability was found in needyamin Library Card System 1.0.
network
low complexity
needyamin
CWE-79
6.1
6.1
2025-01-29
CVE-2025-0840
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43.
network
high complexity
CWE-121
5.0
5.0
2025-01-29
CVE-2023-35907
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
high complexity
CWE-521
5.9
5.9
2025-01-29
CVE-2023-37398
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
high complexity
CWE-521
5.9
5.9
2025-01-29
CVE-2023-37412
IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.
network
high complexity
CWE-250
4.4
4.4
2025-01-29
CVE-2023-37413
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy.
network
low complexity
CWE-204
5.3
5.3
2025-01-29
CVE-2024-13561
The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's brid_override_yt shortcode in all versions up to, and including, 3.8.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-01-29
CVE-2025-0353
The Divi Torque Lite – Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-01-29
CVE-2025-0804
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
«
Previous
1
2
...
54
55
56
(current)
57
58
...
6958
6959
»
Next