|
721
|
7.5 |
HIGH
Network
-
|
-
|
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resourc…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-45662
|
2025-01-19 02:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
722
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18
could allow …
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2024-49824
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
723
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
|
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
|
CVE-2024-49354
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
724
|
8.1 |
HIGH
Network
|
-
|
-
|
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker …
|
CWE-91
Blind XPath Injection
|
CVE-2024-47113
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
725
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the sy…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-47106
|
2025-01-19 01:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
726
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery …
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0560
|
2025-01-19 00:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
727
|
6.7 |
MEDIUM
Local
|
-
|
-
|
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the …
|
CWE-277
Insecure Inherited Permissions
|
CVE-2024-51448
|
2025-01-19 00:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
728
|
4.4 |
MEDIUM
Network
|
-
|
-
|
IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.
|
CWE-1323
|
CVE-2024-49338
|
2025-01-19 00:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
729
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the compone…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0559
|
2025-01-18 23:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
730
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/re…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0558
|
2025-01-18 22:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
