VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-19
CVE-2024-45653
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
network
low complexity
CWE-201
4.3
4.3
2025-01-19
CVE-2024-45654
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
network
low complexity
CWE-807
4.3
4.3
2025-01-19
CVE-2025-0562
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical.
network
low complexity
CWE-74
6.3
6.3
2025-01-19
CVE-2025-0563
A vulnerability was found in code-projects Fantasy-Cricket 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-01-18
CVE-2024-47106
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
network
low complexity
CWE-552
5.3
5.3
2025-01-18
CVE-2024-49354
IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
network
low complexity
CWE-213
5.3
5.3
2025-01-18
CVE-2024-49824
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.
network
low complexity
CWE-602
6.5
6.5
2025-01-18
CVE-2024-49338
IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.
network
high complexity
4.4
4.4
2025-01-18
CVE-2024-51448
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges.
local
low complexity
CWE-277
6.7
6.7
2025-01-18
CVE-2025-0558
A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0.
network
low complexity
CWE-74
6.3
6.3
«
Previous
1
2
...
79
80
81
(current)
82
83
...
6972
6973
»
Next