| 2025-01-08 | CVE-2024-56441 | Race Condition vulnerability in Huawei Emui and Harmonyos
Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.9 |
| 2025-01-08 | CVE-2024-56445 | Improper Authentication vulnerability in Huawei Harmonyos 5.0.0
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | 5.3 |
| 2025-01-08 | CVE-2024-40679 | Information Exposure Through Log Files vulnerability in IBM DB2 11.5
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log file under specific conditions. | 5.5 |
| 2025-01-07 | CVE-2025-22132 | Unrestricted Upload of File with Dangerous Type vulnerability in Wegia
WeGIA is a web manager for charitable institutions. | 4.8 |
| 2025-01-07 | CVE-2025-0301 | Cross-site Scripting vulnerability in Fabianros Online Book Shop 1.0
A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. | 6.1 |
| 2025-01-07 | CVE-2022-22363 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2025-01-07 | CVE-2024-25037 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 4.3 |
| 2025-01-07 | CVE-2024-28778 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. | 6.5 |
| 2025-01-07 | CVE-2024-12131 | Authorization Bypass Through User-Controlled Key vulnerability in Wpjobportal WP JOB Portal
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. | 4.3 |
| 2025-01-07 | CVE-2024-12738 | The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several user meta parameters in all versions up to, and including, 3.12.9 due to insufficient input sanitization and output escaping. | 6.1 |