Browse CVEs
16,591 medium risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2024-12911 | A vulnerability in the `default_jsonalyzer` function of t... | High | 7.1 | Medium Risk | Patched | 20-Mar-25 |
| CVE-2025-1473 | A Cross-Site Request Forgery (CSRF) vulnerability exists ... | High | 7.1 | Medium Risk | 20-Mar-25 | |
| CVE-2024-7035 | In version v0.3.8 of open-webui/open-webui, sensitive act... | Medium | 6.9 | Medium Risk | 20-Mar-25 | |
| CVE-2024-7039 | In open-webui/open-webui version v0.3.8, there is an impr... | Medium | 6.7 | Medium Risk | 20-Mar-25 | |
| CVE-2025-1474 | In mlflow/mlflow version 2.18, an admin is able to create... | Medium | 5.5 | Medium Risk | Patched | 20-Mar-25 |
| CVE-2025-27888 | Severity: medium (5.8) / important Server-Side Request F... | Medium | 5.4 | Medium Risk | 20-Mar-25 | |
| CVE-2025-29914 | OWASP Coraza WAF is a golang modsecurity compatible web a... | Medium | 5.4 | Medium Risk | Patched | 20-Mar-25 |
| CVE-2024-10940 | A vulnerability in langchain-core versions >=0.1.17,<0.1.... | Medium | 5.3 | Medium Risk | Patched | 20-Mar-25 |
| CVE-2024-54016 | Improper Handling of Highly Compressed Data (Data Amplifi... | Medium | 4.3 | Medium Risk | Patched | 20-Mar-25 |
| CVE-2024-7045 | In version v0.3.8 of open-webui/open-webui, improper acce... | Medium | 4.3 | Medium Risk | 20-Mar-25 |