Skip to main content
CVE-2024-55969 CRITICAL Act Now

DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during the resaving of a DOCX document with an external reference XML, aka I640714. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-11858 HIGH This Week

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Radare2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2024-56073 HIGH PATCH This Week

An issue was discovered in FastNetMon Community Edition through 1.2.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fastnetmon
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-56072 HIGH PATCH This Week

An issue was discovered in FastNetMon Community Edition through 1.2.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Denial Of Service Fastnetmon
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-55970 HIGH This Week

File Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aka I644734. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-56074 MEDIUM This Month

gitingest before 9996a06 mishandles symbolic links that point outside of the base directory. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2024-7701 MEDIUM This Month

Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.6.0. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Toolkit
NVD GitHub
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-56082 LOW Monitor

ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx package is used without disableParsingRawHTML set to true. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
3.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy