Author: Angelo Barbosa

CVE-2024-29433 | Alldata 0.4.6 FASTJSON deserialization

A vulnerability was found in Alldata 0.4.6 and classified as problematic. This issue affects some unknown processing of the component FASTJSON. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2024-29433. Access to the local network is required for this attack. There is no exploit...

CVE-2024-29435 | Alldata 0.4.6 processId command injection

A vulnerability has been found in Alldata 0.4.6 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument processId leads to command injection. This vulnerability was named CVE-2024-29435. The attack needs to be initiated within the local network. There is no exploit...

CVE-2024-3160 | Intelbras HDCVI 1016 up to 20240401 HTTP GET Request /cap.js information disclosure

A vulnerability, which was classified as problematic, was found in Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 and HDCVI 1016 up to 20240401. This affects an unknown part of the file /cap.js of the component HTTP GET Request Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-3160. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The existence of this vulnerability is still disputed at the moment. The vendor explains that they do not classify the information shown as sensitive and that there is therefore no vulnerability that could harm the user. It is recommended to apply restrictive...

CVE-2024-2334 | Template Kit Plugin up to 1.0.14 on WordPress Template Upload cross-site scripting

A vulnerability classified as problematic was found in Template Kit Plugin up to 1.0.14 on WordPress. Affected by this vulnerability is an unknown functionality of the component Template Upload Handler. The manipulation leads to cross-site scripting. This vulnerability is known as CVE-2024-2334. The attack can be launched remotely. There is no exploit...