34 matches found
CVE-2026-24750
creationtimestamp| type| source ---|---|--- 2026-03-26 00:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhwce5vwco2c 2026-03-27 20:40:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mi2y2uvvot2a...
Linux Distros Unpatched Vulnerability : CVE-2020-24750
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to...
CVE-2022-24750
UltraVNC is a free and open source remote pc access software. A vulnerability has been found in versions prior to 1.3.8.0 in which the DSM plugin module, which allows a local authenticated user to achieve local privilege escalation LPE on a vulnerable system. The vulnerability has been fixed to...
CVE-2025-24750
Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through = 8.1.0...
CVE-2025-24750
CVE-2025-24750 describes a Missing Authorization vulnerability in the WordPress plugin ExactMetrics (Google Analytics Dashboard for WordPress) up to version 8.1.0. The issue stems from incorrectly configured access control, enabling unauthorized access to protected functionality or data. The CVSS...
CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through = 8.1.0...
CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ExactMetrics: from n/a through = 8.1.0...
Adobe Acrobat Reader Buffer Overflow Vulnerability (CNVD-2024-24750)
Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has a security vulnerability that can be exploited by attackers to cause a sensitive memory leak...
Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway
Summary Security Vulnerabilities in Node.js and packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-31206 DESCRIPTION: Node.js dectalk-tts module could allow a remote attacker to obtain sensitive information, caused by the use of...
CVE-2024-24750
CVE-2024-24750 affects Undici, the HTTP/1.1 client used with Node.js. The vulnerability causes a memory leak when calling fetch(url) and not consuming the incoming body (or consuming it very slowly). The issue has been fixed in Undici version 6.6.1 . Remediation: upgrade to 6.6.1 or ensure the in...
SUSE CVE-2020-24750
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:4173)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4173 advisory. The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fixe...
CVE-2022-24750
creationtimestamp| type| source ---|---|--- 2022-03-11 00:13:07+00:00| seen| https://t.me/cibsecurity/38745...
Security Bulletin: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities (CVE-2020-24750)
Summary IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities Vulnerability Details CVEID: CVE-2020-24750 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and...
WordPress WP Visitor Statistics 4.7 Plugin - SQL Injection Exploit
Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CVE: CVE-2021-2475...
WordPress WP Visitor Statistics 4.7 SQL Injection
Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Date 22/12/2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CV...
CVE-2021-24750
creationtimestamp| type| source ---|---|--- 2021-12-21 12:23:42+00:00| seen| https://t.me/cibsecurity/34418...
CVE-2021-24750
CVE-2021-24750 pertains to the WordPress WP Visitor Statistics (Real Time Traffic) plugin. Affected version: before 4.8. The vulnerability arises from improper sanitization/escaping of the refUrl in the refDetails AJAX action, which is accessible to any authenticated user. This can allow an attac...
CVE-2021-24750 WP Visitor Statistics (Real Time Traffic) < 4.8 - Subscriber+ SQL Injection
The WP Visitor Statistics Real Time Traffic WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +25053 more potentially affected by CVE-2020-24750 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.9.10.5)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.80.6 and more Source cves: CVE-2020-24750 Source advisory: OSV:GHSA-QJW2-HR98-QGFH...