2061
|
9.8 |
CRITICAL
Network
tenda
|
fh451_firmware
|
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46046
|
2024-09-20 09:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2062
|
9.8 |
CRITICAL
Network
tenda
|
ch22_firmware
|
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46045
|
2024-09-20 09:34 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2063
|
9.8 |
CRITICAL
Network
tenda
|
ch22_firmware
|
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46044
|
2024-09-20 09:34 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2064
|
7.8 |
HIGH
Local
|
intelbras
|
incontrol
|
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted s…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2024-6080
|
2024-09-20 09:27 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2065
|
8.8 |
HIGH
Network
|
yotuwp
|
video_gallery
|
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This …
|
NVD-CWE-Other
|
CVE-2024-4551
|
2024-09-20 09:24 |
2024-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2066
|
6.3 |
MEDIUM
Network
|
ali2woo
|
aliexpress_dropshipping_with_alinext
|
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in …
|
CWE-862
Missing Authorization
|
CVE-2024-4450
|
2024-09-20 09:22 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2067
|
9.8 |
CRITICAL
Network
yotuwp
|
video_gallery
|
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. Thi…
|
NVD-CWE-Other
|
CVE-2024-4258
|
2024-09-20 09:21 |
2024-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2068
|
8.8 |
HIGH
Network
|
ali2woo
|
aliexpress_dropshipping_with_alinext
|
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-2381
|
2024-09-20 09:18 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2069
|
5.9 |
MEDIUM
Network
|
consensys
|
gnark-crypto
|
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.11.0, commitments to private witnesses in Groth16 as implemented break the zero-knowledge property…
|
NVD-CWE-noinfo
|
CVE-2024-45040
|
2024-09-20 09:13 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2070
|
6.2 |
MEDIUM
Local
|
consensys
|
gnark-crypto
|
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. Versions prior to 0.11.0 have a soundness issue - in case of multiple commitments used inside the circuit the prover …
|
NVD-CWE-noinfo
|
CVE-2024-45039
|
2024-09-20 09:12 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|