CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

May 27, 2025

CVE ID : CVE-2024-45094

Published : May 27, 2025, 11:15 p.m. | 1 hour, 44 minutes ago

Description : IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2796 – Arista EOS IPsec Anti-Replay Protection Vulnerability

Next Article CVE-2024-11185 – Arista EOS VLAN Isolation Bypass

Highlights

CVE-2025-5685 – Tenda CH22 Stack-Based Buffer Overflow Vulnerability

June 5, 2025

CVE ID : CVE-2025-5685

Published : June 5, 2025, 8:15 p.m. | 1 hour, 52 minutes ago

Description : A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Reclaim Space: Delete Docker Orphan Layers

Notes Android App Using SQLite

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

CVE-2025-53121 – OpenMNS Horizon Stored XSS Vulnerability

Classic WTF: NoeTimeToken

CVE-2025-48047 – NetFax Server Command Injection Vulnerability

Beware: 394,000 Windows PCs hit by Lumma malware in just 2 months, Microsoft warns

CVE-2025-5685 – Tenda CH22 Stack-Based Buffer Overflow Vulnerability

CVE-2025-6268 – Luna Imaging Cross Site Scripting Vulnerability

CVE-2025-6167 – Themanojdesai Python-A2A Path Traversal Vulnerability

Innovating with MongoDB | Customer Successes, May 2025

CVE-2024-45094 – IBM DS8900F and DS8A00 HMC Stored Cross-Site Scripting Vulnerability

Related Posts