Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-19 CVE-2024-45652 IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-01-19 CVE-2024-45653 IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
network
low complexity
CWE-201
4.3
4.3
2025-01-19 CVE-2024-45654 IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
network
low complexity
CWE-807
4.3
4.3
2025-01-19 CVE-2025-0562 A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-01-19 CVE-2025-0563 A vulnerability was found in code-projects Fantasy-Cricket 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-01-19 CVE-2025-0561 A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-01-18 CVE-2024-45662 IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
network
low complexity
CWE-770
7.5
7.5
2025-01-18 CVE-2024-47106 IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
network
low complexity
CWE-552
5.3
5.3
2025-01-18 CVE-2024-47113 IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6.
network
low complexity
CWE-91
8.1
8.1
2025-01-18 CVE-2024-49354 IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
network
low complexity
CWE-213
5.3
5.3