Skip to main content
CVE-2024-49820 LOW Monitor

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Security Guardium Key Lifecycle Manager
NVD
CVSS 3.1
3.7
EPSS
0.2%
CVE-2024-9654 LOW PATCH Monitor

The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass WordPress Easy Digital Downloads
NVD
CVSS 3.1
3.7
EPSS
0.3%
CVE-2024-54125 LOW Monitor

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google
NVD
CVSS 3.0
3.3
EPSS
0.2%
CVE-2024-42194 LOW Monitor

An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
3.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy