VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-18
CVE-2024-49824
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.
network
low complexity
CWE-602
6.5
6.5
2025-01-18
CVE-2024-49338
IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.
network
high complexity
4.4
4.4
2025-01-18
CVE-2024-51448
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges.
local
low complexity
CWE-277
6.7
6.7
2025-01-18
CVE-2025-0560
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0.
network
low complexity
CWE-94
2.4
2.4
2025-01-18
CVE-2025-0559
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0.
network
low complexity
CWE-94
2.4
2.4
2025-01-18
CVE-2025-0558
A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0.
network
low complexity
CWE-74
6.3
6.3
2025-01-18
CVE-2024-13184
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
2025-01-18
CVE-2024-13375
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7.
network
low complexity
CWE-620
critical
9.8
9.8
2025-01-18
CVE-2025-0557
A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and Alfresco Enterprise Edition up to 6.2.2.
network
low complexity
CWE-94
4.3
4.3
2025-01-18
CVE-2024-13392
The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_reviews' shortcode in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
«
Previous
1
2
...
12
13
14
(current)
15
16
...
16090
16091
»
Next