Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-20 CVE-2024-49782 IBM OpenPages with Watson 8.3 and 9.0  could allow a remote attacker to spoof mail server identity when using SSL/TLS security.
network
high complexity
CWE-297
6.8
6.8
2025-02-19 CVE-2025-21355 Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
network
low complexity
CWE-306
8.6
8.6
2025-02-19 CVE-2025-0624 A flaw was found in grub2.
high complexity
CWE-787
7.6
7.6
2025-02-19 CVE-2025-0677 A flaw was found in grub2.
local
high complexity
CWE-787
6.4
6.4
2025-02-19 CVE-2024-45777 A flaw was found in grub2.
local
low complexity
CWE-787
6.7
6.7
2025-02-19 CVE-2024-53974 Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
CWE-79
5.4
5.4
2025-02-19 CVE-2025-1118 A flaw was found in grub2.
local
low complexity
CWE-501
4.4
4.4
2025-02-19 CVE-2023-47160 IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
CWE-611
8.2
8.2
2025-02-19 CVE-2024-28776 IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2025-02-19 CVE-2024-28777 IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to unrestricted deserialization.
network
low complexity
CWE-502
8.8
8.8