1041
|
8.8 |
HIGH
Network
|
ultrapress
|
ultrapress
|
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.1 via deserialization of untrusted input. This makes it possible for authenticated a…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-7434
|
2024-11-14 07:05 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1042
|
8.8 |
HIGH
Network
|
ultrapress
|
empowerment
|
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-7433
|
2024-11-14 07:04 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1043
|
8.8 |
HIGH
Network
|
ultrapress
|
unseen_blog
|
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-7432
|
2024-11-14 07:03 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1044
|
3.7 |
LOW
Network
|
netadmin
|
netadmin_iam
|
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUser…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-9513
|
2024-11-14 06:57 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1045
|
9.8 |
CRITICAL
Network
ruijie
|
rg-nbs2009g-p_firmware
|
An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
|
NVD-CWE-noinfo
|
CVE-2024-24116
|
2024-11-14 06:43 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1046
|
3.3 |
LOW
Local
|
wondershare
|
edraw
|
A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special …
|
NVD-CWE-noinfo
|
CVE-2024-24122
|
2024-11-14 06:40 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1047
|
- |
|
-
|
-
|
wasm3 139076a is vulnerable to Denial of Service (DoS).
|
-
|
CVE-2024-27527
|
2024-11-14 06:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1048
|
7.5 |
HIGH
Network
jerryscript
|
jerryscript
|
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays.
|
NVD-CWE-noinfo
|
CVE-2023-36201
|
2024-11-14 06:35 |
2023-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1049
|
5.4 |
MEDIUM
Network
|
zohocorp
|
manageengine_servicedesk_plus manageengine_servicedesk_plus_msp manageengine_supportcenter_plus
|
Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before 14300, and SupportCenter Plus before 14300 have a privilege escalation vulnerability in the Release module that allows unp…
|
NVD-CWE-noinfo
|
CVE-2023-34197
|
2024-11-14 06:35 |
2023-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1050
|
- |
|
-
|
-
|
Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023.5015 (SR4) enables use of the REST API with an invalid License File. Attackers may be able to retrieve …
|
-
|
CVE-2024-48939
|
2024-11-14 06:15 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|