Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-02-06 CVE-2024-52892 IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
6.1
6.1
2025-02-06 CVE-2025-1078 A vulnerability has been found in AppHouseKitchen AlDente Charge Limiter up to 1.29 on macOS and classified as critical.
local
low complexity
CWE-266
5.3
5.3
2025-02-06 CVE-2025-1074 A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1.
network
low complexity
CWE-862
4.3
4.3
2025-02-06 CVE-2025-0859 The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function.
network
low complexity
CWE-22
6.5
6.5
2025-02-06 CVE-2025-0799 IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories.
network
low complexity
CWE-22
6.5
6.5
2025-02-06 CVE-2024-49791 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-06 CVE-2024-49792 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-06 CVE-2024-49793 Cross-site Scripting vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2025-02-06 CVE-2024-49794 Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
4.3
4.3
2025-02-06 CVE-2024-49795 Cross-Site Request Forgery (CSRF) vulnerability in IBM Applinx 11.1.0
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
4.3
4.3