7.5

CVSS3.1

CVE-2024-39033 -

In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in the getuserproperty function allows user's configuration and PII to be stolen.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: July 12, 2025, 10:31 p.m.

5.5

CVSS3.1

CVE-2024-57672 -

An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, Topologylnstance module, Routing module.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 23, 2025, 9:58 p.m.

6.1

CVSS3.1

CVE-2024-57427 -

PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). Multiple endpoints improperly handle user input, allowing malicious scripts to execute in a victim’s browser. Attackers can craft malicious links to steal session cookies or conduct phishing attacks.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: June 24, 2025, 12:13 a.m.

9.1

CVSS3.1

CVE-2024-36556 -

Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b have a Hardcoded password vulnerability.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: Feb. 10, 2025, 4:15 p.m.

4.3

CVSS3.1

CVE-2024-49800 - IBM ApplinX Information Disclosure

IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user.

πŸ“… Published: Feb. 5, 2025, 11:55 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:07 p.m.

4.3

CVSS3.1

CVE-2024-49798 - IBM ApplinX Information Disclosure

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

πŸ“… Published: Feb. 5, 2025, 11:50 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:06 p.m.

5.9

CVSS3.1

CVE-2024-49797 - IBM ApplinX Information Disclosure

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.

πŸ“… Published: Feb. 5, 2025, 11:48 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:06 p.m.

5.4

CVSS3.1

CVE-2024-49796 - IBM ApplinX Clickjacking

IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.

πŸ“… Published: Feb. 5, 2025, 11:46 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:05 p.m.

4.3

CVSS3.1

CVE-2024-49795 - IBM ApplinX Cross-Site Request Forgery

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

πŸ“… Published: Feb. 5, 2025, 11:41 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:05 p.m.

4.3

CVSS3.1

CVE-2024-49794 - IBM ApplinX Cross-Site Request Forgery

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

πŸ“… Published: Feb. 5, 2025, 11:40 p.m. πŸ”„ Last Modified: Feb. 22, 2025, 10:04 p.m.
Total resulsts: 343923
Page 6309 of 34,393
Β« previous page Β» next page
Filters