Vulnerabilities > Low

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-17 | CVE-2024-49820 | IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | network; high complexity; CWE-319; 3.7 |
| 2024-12-17 | CVE-2024-9654 | The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. | network; high complexity; CWE-863; 3.7 |
| 2024-12-13 | CVE-2024-12300 | The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to, and including, 7.3. | network; high complexity; CWE-862; 3.7 |
| 2024-12-12 | CVE-2024-44200 | Unspecified vulnerability in Apple iPadOS. This issue was addressed with improved redaction of sensitive information. | local; low complexity; apple; 3.3 |
| 2024-12-12 | CVE-2024-44290 | Unspecified vulnerability in Apple iPadOS. This issue was addressed with improved redaction of sensitive information. | local; low complexity; apple; 3.3 |
| 2024-12-12 | CVE-2024-54485 | Unspecified vulnerability in Apple iPhone OS. The issue was addressed by adding additional logic. | low complexity; apple; 2.4 |
| 2024-12-12 | CVE-2024-54493 | Unspecified vulnerability in Apple macOS. This issue was addressed through improved state management. | local; low complexity; apple; 3.3 |
| 2024-12-11 | CVE-2023-23472 | IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. | network; high complexity; CWE-497; 3.1 |
| 2024-12-11 | CVE-2023-37395 | IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. | local; high complexity; CWE-327; 2.5 |
| 2024-12-03 | CVE-2024-25036 | Authentication Bypass Using an Alternate Path or Channel vulnerability in IBM Cognos Controller 11.0.0/11.0.1. IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access to bypass security allowing users to circumvent restrictions imposed on input fields. | local; low complexity; ibm CWE-288; 3.3 |