Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-01-20 CVE-2025-0576 A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic.
network
low complexity
CWE-94
4.3
4.3
2025-01-19 CVE-2025-0567 A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1.
local
high complexity
CWE-426
4.5
4.5
2025-01-19 CVE-2024-8722 The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
5.5
5.5
2025-01-19 CVE-2024-45652 IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-01-19 CVE-2024-45653 IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
network
low complexity
CWE-201
4.3
4.3
2025-01-19 CVE-2024-45654 IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
network
low complexity
CWE-807
4.3
4.3
2025-01-19 CVE-2025-0562 A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-01-19 CVE-2025-0563 A vulnerability was found in code-projects Fantasy-Cricket 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-01-19 CVE-2025-0561 A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-01-18 CVE-2024-47106 IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
network
low complexity
CWE-552
5.3
5.3