Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-02 CVE-2024-56476 IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy.
network
low complexity
CWE-204
5.3
2025-04-02 CVE-2025-0154 IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers.
network
low complexity
CWE-644
5.3
2025-04-02 CVE-2024-25051 IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
network
high complexity
CWE-613
6.6
2025-04-02 CVE-2024-56341 IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
2025-04-02 CVE-2024-50384 A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-459
6.5
2025-04-02 CVE-2024-50385 A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-459
6.5
2025-04-02 CVE-2024-50594 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
2025-04-02 CVE-2024-50595 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
2025-04-02 CVE-2024-50596 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
2025-04-02 CVE-2024-50597 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3