Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-24	CVE-2025-0700	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2025-0701	A vulnerability classified as critical has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2024-13698	Missing Authorization vulnerability in Astoundify Jobify The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image_via_ai' functions in all versions up to, and including, 4.2.7. network low complexity astoundify CWE-862	6.5
2025-01-24	CVE-2024-25034	Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0/2.1 IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. network low complexity ibm CWE-434	8.8
2025-01-24	CVE-2024-40693	Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0/2.1 IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. network low complexity ibm CWE-434	8.0
2025-01-24	CVE-2024-40706	Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. network low complexity ibm CWE-497	4.3
2025-01-24	CVE-2024-41757	Missing Encryption of Sensitive Data vulnerability in IBM Concert Software 1.0.0/1.0.1 IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network high complexity ibm CWE-311	5.9
2025-01-24	CVE-2024-45077	IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system. network low complexity CWE-98	6.5
2025-01-24	CVE-2025-0698	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3
2025-01-24	CVE-2025-0699	A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. network low complexity CWE-74	6.3

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities