Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-05 CVE-2024-53964 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
2025-02-05 CVE-2024-53965 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a low privileged attacker to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4
2025-02-05 CVE-2024-53966 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
2025-02-04 CVE-2024-40700 IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
6.1
2025-02-04 CVE-2024-43187 IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
network
high complexity
CWE-319
5.9
2025-02-04 CVE-2024-45657 IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.
local
high complexity
CWE-732
5.0
2025-02-04 CVE-2024-45658 IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.
network
low complexity
CWE-209
2.7
2025-02-04 CVE-2025-24373 Unspecified vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips
woocommerce-pdf-invoices-packing-slips is an extension which allows users to create, print & automatically email PDF invoices & packing slips for WooCommerce orders.
network
low complexity
wpovernight
6.5
2025-02-04 CVE-2025-25039 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
8.8
2025-02-04 CVE-2025-23058 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges.
network
low complexity
arubanetworks
8.1