|
251
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …
New
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-41757
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
New
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-40706
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
253
|
8.0 |
HIGH
Network
|
-
|
-
|
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and up…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-40693
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254
|
8.0 |
HIGH
Network
|
-
|
-
|
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload m…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-25034
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255
|
6.5 |
MEDIUM
Network
-
|
-
|
The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image…
New
|
CWE-862
Missing Authorization
|
CVE-2024-13698
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
256
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ovl: support encoding fid from inode with no alias
Dmitry Safonov reported that a WARN_ON() assertion can be trigered by
userspac…
Update
|
-
|
CVE-2025-21654
|
2025-01-25 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257
|
- |
|
-
|
-
|
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of …
New
|
CWE-78
OS Command
|
CVE-2025-22605
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the…
New
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2025-0697
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
259
|
- |
|
-
|
-
|
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer can lead to privilege escalation and arbitrary code execution when running the impacte…
New
|
-
|
CVE-2024-9499
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260
|
- |
|
-
|
-
|
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK
installer can lead to privilege escalation and arbitrary code execution when running the impacted inst…
New
|
-
|
CVE-2024-9498
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
