Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-29 CVE-2024-43186 IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
network
high complexity
CWE-256
5.3
5.3
2025-03-29 CVE-2024-51477 IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
network
low complexity
CWE-203
4.3
4.3
2025-03-29 CVE-2024-7577 IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
network
high complexity
CWE-532
4.4
4.4
2025-03-28 CVE-2024-6875 A vulnerability was found in the Infinispan component in Red Hat Data Grid.
network
low complexity
CWE-401
6.5
6.5
2025-03-28 CVE-2025-2917 A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3.
network
low complexity
CWE-22
4.3
4.3
2025-03-28 CVE-2025-2919 A vulnerability was found in Netis WF-2404 1.1.124EN.
low complexity
 6.8
6.8
2025-03-28 CVE-2025-2916 A vulnerability, which was classified as critical, has been found in Aishida Call Center System up to 20250314.
network
low complexity
CWE-74
6.3
6.3
2025-03-28 CVE-2025-0986 IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration.
local
high complexity
CWE-409
4.5
4.5
2025-03-28 CVE-2025-2877 A flaw was found in the Ansible Automation Platform's Event-Driven Ansible.
network
low complexity
 6.5
6.5
2025-03-28 CVE-2025-2901 A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store.
network
low complexity
CWE-79
4.6
4.6