VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-21
CVE-2024-13404
The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchll' parameter in all versions up to, and including, 7.7.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
6.1
2025-01-21
CVE-2024-10936
The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.6 via deserialization of untrusted input in the 'recursive_unserialize_replace' function.
network
low complexity
CWE-502
8.8
8.8
2025-01-21
CVE-2025-0371
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-01-21
CVE-2024-13536
The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87.
network
low complexity
CWE-209
5.3
5.3
2025-01-21
CVE-2024-45091
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
local
low complexity
CWE-532
6.2
6.2
2025-01-20
CVE-2024-22347
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.
network
high complexity
CWE-327
5.9
5.9
2025-01-20
CVE-2024-22348
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.
network
low complexity
CWE-942
5.3
5.3
2025-01-20
CVE-2024-22349
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0.
local
low complexity
CWE-525
4.0
4.0
2025-01-20
CVE-2024-45647
IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.
network
high complexity
CWE-620
5.6
5.6
2025-01-20
CVE-2024-13524
A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as problematic.
local
high complexity
CWE-426
4.5
4.5
«
Previous
1
2
...
8
9
10
(current)
11
12
...
16090
16091
»
Next