| 2025-01-14 | CVE-2024-13323 | The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and including, 10.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |
| 2025-01-14 | CVE-2024-13348 | The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. | 6.1 |
| 2025-01-14 | CVE-2024-12398 | Unspecified vulnerability in Zyxel products
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allow an authenticated user with limited privileges to escalate their privileges to that of an administrator, enabling them to upload configuration files to a vulnerable device. network low complexity zyxel | 8.8 |
| 2025-01-14 | CVE-2024-11396 | The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.3 via the Visitors List Export file. | 5.3 |
| 2025-01-12 | CVE-2024-51456 | IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks. | 5.9 |
| 2025-01-12 | CVE-2021-29669 | IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2025-01-12 | CVE-2024-49785 | IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. | 5.4 |
| 2025-01-11 | CVE-2024-57881 | NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy() In split_large_buddy(), we might call pfn_to_page() on a PFN that might not exist. | 5.5 |
| 2025-01-11 | CVE-2024-57872 | Memory Leak vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove() This will ensure that the scsi host is cleaned up properly using scsi_host_dev_release(). | 5.5 |
| 2025-01-11 | CVE-2024-53689 | Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock while freezing queue and acquiring sysfs_lock For storing a value to a queue attribute, the queue_attr_store function first freezes the queue (->q_usage_counter(io)) and then acquire ->sysfs_lock. | 5.5 |