|
2181
|
5.5 |
MEDIUM
Local
|
fabulatech
|
usb_over_network
|
A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The mani…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-12653
|
2024-12-18 22:53 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2182
|
5.5 |
MEDIUM
Local
|
fabulatech
|
usb_over_network
|
A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-12654
|
2024-12-18 22:42 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2183
|
9.8 |
CRITICAL
Network
telerik
|
ui_for_wpf
|
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-10095
|
2024-12-18 21:59 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2184
|
- |
|
-
|
-
|
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Mighty Digital Partners allows Object Injection.This issue affects Partners: from n/a throug…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2024-56059
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2185
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object Injection.This issue affects VRPConnector: from n/a through 2.0.1.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-56058
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2186
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPTooling Image Mapper allows Reflected XSS.This issue affects Image Mapper: from n/a through 0.2…
|
CWE-79
Cross-site Scripting
|
CVE-2024-56016
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2187
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy / PerfOps One Device Detector allows Reflected XSS.This issue affects Device Detect…
|
CWE-79
Cross-site Scripting
|
CVE-2024-56010
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2188
|
- |
|
-
|
-
|
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4.
|
CWE-862
Missing Authorization
|
CVE-2024-56008
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2189
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Web Chunky Order Delivery & Pickup Location Date Time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Delivery …
|
CWE-862
Missing Authorization
|
CVE-2024-55997
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2190
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ydesignservices YDS Support Ticket System allows SQL Injection.This issue affects YDS Support Tic…
|
CWE-89
SQL Injection
|
CVE-2024-55985
|
2024-12-18 21:15 |
2024-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
