|
1001
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of add…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2024-45077
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1002
|
- |
|
-
|
-
|
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In version 4.0.0-beta.358 and possibly earlier versions, when creating or updating a "project," it …
|
CWE-78
OS Command
|
CVE-2025-22606
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1003
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-41757
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1004
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-40706
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1005
|
8.0 |
HIGH
Network
|
-
|
-
|
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and up…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-40693
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1006
|
8.0 |
HIGH
Network
|
-
|
-
|
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. Attackers can make use of this weakness and upload m…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-25034
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1007
|
6.5 |
MEDIUM
Network
-
|
-
|
The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image…
|
CWE-862
Missing Authorization
|
CVE-2024-13698
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1008
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ovl: support encoding fid from inode with no alias
Dmitry Safonov reported that a WARN_ON() assertion can be trigered by
userspac…
|
-
|
CVE-2025-21654
|
2025-01-25 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1009
|
- |
|
-
|
-
|
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Starting in version 4.0.0-beta.18 and prior to 4.0.0-beta.253, a vulnerability in the execution of …
|
CWE-78
OS Command
|
CVE-2025-22605
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1010
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2025-0697
|
2025-01-25 00:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
