1251
|
- |
|
-
|
-
|
A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application dur…
|
-
|
CVE-2024-9483
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1252
|
- |
|
-
|
-
|
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
|
-
|
CVE-2024-9482
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1253
|
- |
|
-
|
-
|
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
|
-
|
CVE-2024-9481
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1254
|
4.7 |
MEDIUM
Network
|
-
|
-
|
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8499
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1255
|
- |
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of insecure Real-Time Streaming Protocol (RTSP) version for live video streaming. A remote attacker c…
|
CWE-862
Missing Authorization
|
CVE-2024-47790
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1256
|
- |
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** This vulnerability exists in D3D Security IP Camera due to usage of weak authentication scheme of the HTTP header protocol where authorization tag contain a Base-64 en…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-47789
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1257
|
- |
|
-
|
-
|
This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a p…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-47657
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1258
|
- |
|
-
|
-
|
This vulnerability exists in Shilpi Client Dashboard due to missing restrictions for incorrect login attempts on its API based login. A remote attacker could exploit this vulnerability by conducting …
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-47656
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1259
|
- |
|
-
|
-
|
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files being uploaded other than the specified extension. An authenticated remote attacker could exploit this vul…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-47655
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1260
|
- |
|
-
|
-
|
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit thi…
|
CWE-799
Improper Control of Interaction Frequency
|
CVE-2024-47654
|
2024-10-4 22:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|