Skip to main content
CVE-2024-49708 MEDIUM This Month

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site Scripting) attacks. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Iksoris
NVD
CVSS 4.0
5.1
EPSS
0.1%
CVE-2024-10089 MEDIUM This Month

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site Scripting) attacks. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Iksoris
NVD
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-3588 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2.java of the component JSON File Handler. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Java Red Hat
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-32093 MEDIUM PATCH This Month

Mattermost versions 10.5.x <= 10.5.1, 10.4.x <= 10.4.3, 9.11.x <= 9.11.9 fail to restrict certain operations on system admins to only other system admins, which allows delegated granular. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mattermost Server Suse
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-43840 MEDIUM This Month

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Aspera Console
NVD
CVSS 3.1
4.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy