34 matches found

Circl
added 2026/03/26 12:0 a.m., 3 views

CVE-2026-24750

creationtimestamp | type | source
---|---|---
2026-03-26 00:00:59+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mhwce5vwco2c
2026-03-27 20:40:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mi2y2uvvot2a...

CVSS 7.6, AI score 5.8, EPSS 0.00236
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/19 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-24750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to...

CVSS 8.1, AI score 7.4, EPSS 0.07268
Exploits: 1, References: 2

RedhatCVE
added 2025/02/05 9:37 p.m., 11 views

CVE-2022-24750

UltraVNC is a free and open source remote PC access software. A vulnerability has been found in versions prior to 1.3.8.0 in the DSM plugin module, which allows a local authenticated user to achieve local privilege escalation (LPE) on a vulnerable system. The vulnerability has been fixed to...

CVSS 8.8, AI score 6.8, EPSS 0.00265
Exploits: 0, References: 1

NVD
added 2025/01/24 6:15 p.m., 20 views

CVE-2025-24750

Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ExactMetrics: from n/a through <= 8.1.0...

CVSS 5.4, EPSS 0.00296
Exploits: 0, References: 1

CVE
added 2025/01/24 5:25 p.m., 61 views

CVE-2025-24750

CVE-2025-24750 describes a Missing Authorization vulnerability in the WordPress plugin ExactMetrics (Google Analytics Dashboard for WordPress) up to version 8.1.0. The issue stems from incorrectly configured access control, enabling unauthorized access to protected functionality or data. The CVSS...

CVSS 5.4, AI score 7.2, EPSS 0.00296
Exploits: 0, References: 1

Vulnrichment
added 2025/01/24 5:25 p.m., 10 views

CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ExactMetrics: from n/a through <= 8.1.0...

CVSS 5.4, AI score 7.2, EPSS 0.00296
Exploits: 0, References: 1

Cvelist
added 2025/01/24 5:25 p.m., 27 views

CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Syed Balkhi ExactMetrics google-analytics-dashboard-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ExactMetrics: from n/a through <= 8.1.0...

CVSS 5.4, EPSS 0.00296
Exploits: 0, References: 1

CNVD
added 2024/05/22 12:0 a.m., 8 views

Adobe Acrobat Reader Buffer Overflow Vulnerability (CNVD-2024-24750)

Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader has a security vulnerability that can be exploited by attackers to cause a sensitive memory leak...

CVSS 5.5, AI score 6.5, EPSS 0.01986
Exploits: 0, References: 1

IBM Security Bulletins
added 2024/05/17 1:55 p.m., 44 views

Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js and packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2024-31206 DESCRIPTION: Node.js dectalk-tts module could allow a remote attacker to obtain sensitive information, caused by the use of...

CVSS 8.2, AI score 7.4, EPSS 0.01155
Exploits: 1, Affected Software: 1

CVE
added 2024/02/16 9:42 p.m., 75 views

CVE-2024-24750

CVE-2024-24750 affects Undici, the HTTP/1.1 client used with Node.js. The vulnerability causes a memory leak when calling fetch(url) and not consuming the incoming body (or consuming it very slowly). The issue has been fixed in Undici version 6.6.1. Remediation: upgrade to 6.6.1 or ensure the in...

CVSS 6.5, AI score 6.2, EPSS 0.007
Exploits: 0, References: 3, Affected Software: 1

SUSE CVE
added 2023/02/15 3:54 a.m., 3 views

SUSE CVE-2020-24750

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...

CVSS 8.1, AI score 8.7, EPSS 0.07268
Exploits: 1, References: 3

Tenable Nessus
added 2023/01/23 12:0 a.m., 38 views

RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:4173)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4173 advisory. The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fixe...

CVSS 8.1, AI score 8.1, EPSS 0.07268
Exploits: 1, References: 4

Circl
added 2022/03/11 12:13 a.m., 6 views

CVE-2022-24750

creationtimestamp | type | source
---|---|---
2022-03-11 00:13:07+00:00 | seen | https://t.me/cibsecurity/38745...

CVSS 8.8, AI score 7.5, EPSS 0.00265
Exploits: 0, References: 1

IBM Security Bulletins
added 2022/02/10 4:5 p.m., 35 views

Security Bulletin: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities (CVE-2020-24750)

Summary IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities Vulnerability Details CVEID: CVE-2020-24750 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and...

CVSS 8.1, AI score 9.4, EPSS 0.07268
Exploits: 1, Affected Software: 1

0day.today
added 2022/01/05 12:0 a.m., 234 views

WordPress WP Visitor Statistics 4.7 Plugin - SQL Injection Exploit

Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CVE: CVE-2021-2475...

CVSS 8.8, AI score 0.5, EPSS 0.38298
Exploits: 5

Packet Storm
added 2022/01/05 12:0 a.m., 306 views

WordPress WP Visitor Statistics 4.7 SQL Injection

Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Date 22/12/2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CV...

CVSS 8.8, AI score 0.5, EPSS 0.38298
Exploits: 5

Circl
added 2021/12/21 12:23 p.m., 6 views

CVE-2021-24750

creationtimestamp | type | source
---|---|---
2021-12-21 12:23:42+00:00 | seen | https://t.me/cibsecurity/34418...

CVSS 8.8, AI score 8, EPSS 0.38298
Exploits: 5, References: 1

CVE
added 2021/12/21 8:45 a.m., 82 views

CVE-2021-24750

CVE-2021-24750 pertains to the WordPress WP Visitor Statistics (Real Time Traffic) plugin. Affected version: before 4.8. The vulnerability arises from improper sanitization/escaping of the refUrl in the refDetails AJAX action, which is accessible to any authenticated user. This can allow an attac...

CVSS 8.8, AI score 8.8, EPSS 0.38298
Exploits: 5, References: 3, Affected Software: 1

Cvelist
added 2021/12/21 8:45 a.m., 24 views

CVE-2021-24750 WP Visitor Statistics (Real Time Traffic) < 4.8 - Subscriber+ SQL Injection

The WP Visitor Statistics Real Time Traffic WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks...

AI score 9.2, EPSS 0.38298
Exploits: 5, References: 3

vulnersOsv
added 2021/12/09 7:15 p.m., 6 views

ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +25053 more potentially affected by CVE-2020-24750 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.9.10.5)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.80.6 and more Source cves: CVE-2020-24750 Source advisory: OSV:GHSA-QJW2-HR98-QGFH...

CVSS 8.1, AI score 7.1, EPSS 0.07268
Exploits: 1