-
CVE-2024-41768 – IBM Engineering Lifecycle Optimization SSL Exception Vulnerability (Remote)
CVE ID: CVE-2024-41768
Published: Jan. 4, 2025, 3:15 p.m.
Description: IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state.
Severity: 6.5 | MEDIUM
-
CVE-2024-41767 – IBM Engineering Lifecycle Optimization SQL Injection Vulnerability
CVE ID: CVE-2024-41767
Published: Jan. 4, 2025, 3:15 p.m.
Description: IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end…
-
CVE-2024-41766 – IBM Engineering Lifecycle Optimization ReDoS
CVE ID: CVE-2024-41766
Published: Jan. 4, 2025, 3:15 p.m.
Description: IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause a denial of service using a complex regular expression.
Severity: 7.5 | HIGH
-
CVE-2024-41765 – IBM Engineering Lifecycle Optimization File Traversal Vulnerability
CVE ID: CVE-2024-41765
Published: Jan. 4, 2025, 3:15 p.m.
Description: IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to view arbitrary files…
-
CVE-2024-41763 – IBM Engineering Lifecycle Optimization Weak Cryptographic Algorithms
CVE ID: CVE-2024-41763
Published: Jan. 4, 2025, 3:15 p.m.
Description: IBM Engineering Lifecycle Optimization – Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Severity: 5.9 | MEDIUM
-
CVE-2025-0210 – Campcodes School Faculty Scheduling System SQL Injection
CVE ID: CVE-2025-0210
Published: Jan. 4, 2025, 2:15 p.m.
Description: A vulnerability has been found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to SQL injection.…
-
CVE-2024-10957 – UpdraftPlus: WP Backup & Migration Plugin PHP Object Injection
CVE ID: CVE-2024-10957
Published: Jan. 4, 2025, 2:15 p.m.
Description: The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.24.11 via deserialization of untrusted input in the ‘recursive_unserialized_replace’ function. This makes it possible for…
-
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
Vulnerability / Software Security
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could …
Published Date: Jan 04, 2025
CVE mentioned in this article: CVE-2024-43405
-
Detailing the Attack Surfaces of the Tesla Wall Connector EV Charger
The Tesla Wall Connector is a Level 2 electric vehicle charge station designed for use by residential home users. The device has a minimal user interface in its hardware, providing a Wi-Fi based interface for configuration and an NFC reader for user authentication. The device does not come with a dedicated mobile application out of…
-
SolarWinds Access Rights Manager: One Vulnerability to LPE Them All
Some time ago, I spent some time researching a core SolarWinds product, SolarWinds Platform (previously Orion Platform). At that time, I hadn’t been aware of the SolarWinds Access Rights Manager product (SolarWinds ARM). Afterward, Trend Micro’s Zero Day Initiative began receiving submissions of vulnerabilities in Access Rights Manager (ARM). The first submissions we received…