v.26.3.2229

Medium Severity Vulnerabilities

Found 8644 vulnerabilities at Medium severity.

Vulnerability Name

CVE

CWE

Severity

Liferay Portal Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-4655)

CVE-2025-4655

CWE-918

Medium

Liferay DXP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-4655)

CVE-2025-4655

CWE-918

Medium

WebLogic Improper Privilege Management Vulnerability (CVE-2025-50064)

CVE-2025-50064

CWE-269

Medium

Oracle Database Server Improper Access Control Vulnerability (CVE-2025-50070)

CVE-2025-50070

CWE-284

Medium

WebLogic Improper Access Control Vulnerability (CVE-2025-50072)

CVE-2025-50072

CWE-284

Medium

WebLogic Improper Authorization Vulnerability (CVE-2025-50073)

CVE-2025-50073

CWE-285

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50076)

CVE-2025-50076

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50077)

CVE-2025-50077

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50078)

CVE-2025-50078

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50079)

CVE-2025-50079

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50080)

CVE-2025-50080

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50082)

CVE-2025-50082

CWE-400

Medium

MySQL CVE-2025-50083 Vulnerability (CVE-2025-50083)

CVE-2025-50083

-

Medium

MySQL Incorrect Authorization Vulnerability (CVE-2025-50084)

CVE-2025-50084

CWE-863

Medium

MySQL Incorrect Authorization Vulnerability (CVE-2025-50085)

CVE-2025-50085

CWE-863

Medium

MySQL Incorrect Authorization Vulnerability (CVE-2025-50086)

CVE-2025-50086

CWE-863

Medium

MySQL CVE-2025-50087 Vulnerability (CVE-2025-50087)

CVE-2025-50087

-

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50088)

CVE-2025-50088

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50089)

CVE-2025-50089

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50091)

CVE-2025-50091

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50092)

CVE-2025-50092

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50093)

CVE-2025-50093

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50094)

CVE-2025-50094

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50095)

CVE-2025-50095

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50096)

CVE-2025-50096

CWE-400

Medium

MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50097)

CVE-2025-50097

CWE-400

Medium

MySQL CVE-2025-50099 Vulnerability (CVE-2025-50099)

CVE-2025-50099

-

Medium

MySQL CVE-2025-50101 Vulnerability (CVE-2025-50101)

CVE-2025-50101

-

Medium

MySQL CVE-2025-50102 Vulnerability (CVE-2025-50102)

CVE-2025-50102

-

Medium

MySQL CVE-2025-50103 Vulnerability (CVE-2025-50103)

CVE-2025-50103

-

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-50186)

CVE-2025-50186

CWE-707

Medium

Chamilo Deserialization of Untrusted Data Vulnerability (CVE-2025-50198)

CVE-2025-50198

CWE-502

Medium

XWikiplatform Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-51990)

CVE-2025-51990

CWE-707

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52468)

CVE-2025-52468

CWE-707

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52470)

CVE-2025-52470

CWE-707

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52475)

CVE-2025-52475

CWE-707

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52476)

CVE-2025-52476

CWE-707

Medium

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52563)

CVE-2025-52563

CWE-707

Medium

Chamilo Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability (CVE-2025-52564)

CVE-2025-52564

CWE-707

Medium

EspoCRM Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') Vulnerability (CVE-2025-52575)

CVE-2025-52575

CWE-138

Medium

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52667)

CVE-2025-52667

CWE-707

Medium

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-52668)

CVE-2025-52668

CWE-707

Medium

ReviveAdserver Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-52669)

CVE-2025-52669

CWE-200

Medium

ReviveAdserver Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-52670)

CVE-2025-52670

CWE-639

Medium

ReviveAdserver Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-52671)

CVE-2025-52671

CWE-209

Medium

EspoCRM Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2025-52892)

CVE-2025-52892

-

Medium

Moodle Session Fixation Vulnerability (CVE-2025-53021)

CVE-2025-53021

CWE-384

Medium

Oracle Database Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-53047)

CVE-2025-53047

CWE-200

Medium

Oracle JRE Improper Access Control Vulnerability (CVE-2025-53057)

CVE-2025-53057

CWE-284

Medium

SharePoint Buffer Over-read Vulnerability (CVE-2025-53736)

CVE-2025-53736

CWE-126

Medium

SharePoint Improper Authentication Vulnerability (CVE-2025-53771)

CVE-2025-53771

CWE-287

Medium

Apache HTTP Server Incorrect Check of Function Return Value Vulnerability (CVE-2025-54090)

CVE-2025-54090

CWE-253

Medium

XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54124)

CVE-2025-54124

CWE-359

Medium

XWikiplatform Exposure of Private Personal Information to an Unauthorized Actor Vulnerability (CVE-2025-54125)

CVE-2025-54125

CWE-359

Medium

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55123)

CVE-2025-55123

CWE-707

Medium

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-55124)

CVE-2025-55124

CWE-707

Medium

Next.js Improper Input Validation Vulnerability (CVE-2025-55173)

CVE-2025-55173

CWE-20

Medium

React CVE-2025-55183 Vulnerability (CVE-2025-55183)

CVE-2025-55183

-

Medium

Next.js CVE-2025-55183 Vulnerability (CVE-2025-55183)

CVE-2025-55183

-

Medium

Apache Tomcat Session Fixation Vulnerability (CVE-2025-55668)

CVE-2025-55668

CWE-384

Medium

Next.js Use of Cache Containing Sensitive Information Vulnerability (CVE-2025-57752)

CVE-2025-57752

CWE-524

Medium

Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57756)

CVE-2025-57756

CWE-200

Medium

Contao Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-57757)

CVE-2025-57757

CWE-200

Medium

Contao Improper Access Control Vulnerability (CVE-2025-57758)

CVE-2025-57758

CWE-284

Medium

Contao Improper Privilege Management Vulnerability (CVE-2025-57759)

CVE-2025-57759

CWE-269

Medium

Hiawatha CVE-2025-57783 Vulnerability (CVE-2025-57783)

CVE-2025-57783

-

Medium

TYPO3 URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2025-59013)

CVE-2025-59013

CWE-601

Medium

TYPO3 Insufficient Entropy Vulnerability (CVE-2025-59015)

CVE-2025-59015

CWE-331

Medium

TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016)

CVE-2025-59016

CWE-209

Medium

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59018)

CVE-2025-59018

CWE-200

Medium

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-59019)

CVE-2025-59019

CWE-200

Medium

TYPO3 Incorrect Authorization Vulnerability (CVE-2025-59020)

CVE-2025-59020

CWE-863

Medium

TYPO3 Missing Authorization Vulnerability (CVE-2025-59021)

CVE-2025-59021

CWE-862

Medium

Squid Stack-based Buffer Overflow Vulnerability (CVE-2025-59362)

CVE-2025-59362

CWE-121

Medium

CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-59411)

CVE-2025-59411

CWE-707

Medium