Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-20 CVE-2024-45647 Unspecified vulnerability in IBM products
IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without prior knowledge of that password.
network
low complexity
ibm
critical
 9.8
9.8
2025-01-20 CVE-2024-13524 A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as problematic.
local
high complexity
CWE-426
4.5
4.5
2025-01-20 CVE-2025-0579 A vulnerability was found in Shiprocket Module 3/4 on OpenCart.
network
low complexity
CWE-74
7.3
7.3
2025-01-20 CVE-2025-0580 A vulnerability was found in Shiprocket Module 3 on OpenCart.
network
high complexity
CWE-863
5.6
5.6
2025-01-20 CVE-2025-0581 Cross-site Scripting vulnerability in Campcodes School Management Software 1.0
A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0.
network
low complexity
campcodes CWE-79
5.4
5.4
2025-01-20 CVE-2025-0582 Unrestricted Upload of File with Dangerous Type vulnerability in Angeljudesuarez Tailoring Management System 1.0
A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0.
network
low complexity
angeljudesuarez CWE-434
7.2
7.2
2025-01-20 CVE-2025-0584 The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.
network
low complexity
CWE-918
5.3
5.3
2025-01-20 CVE-2025-0585 The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
network
low complexity
CWE-89
critical
 9.8
9.8
2025-01-20 CVE-2025-0586 The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary code execution.
network
low complexity
CWE-502
7.2
7.2
2025-01-20 CVE-2025-0578 A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107.
network
low complexity
CWE-94
3.5
3.5