Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-16 CVE-2024-12443 The CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'crm-perks-tickets' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-16 CVE-2024-12664 Cross-site Scripting vulnerability in Ruifang-Tech Rebuild 3.8.5
A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8.5.
network
low complexity
ruifang-tech CWE-79
5.4
5.4
2024-12-16 CVE-2024-12665 Cross-site Scripting vulnerability in Ruifang-Tech Rebuild 3.8.5
A vulnerability, which was classified as problematic, was found in ruifang-tech Rebuild 3.8.5.
network
low complexity
ruifang-tech CWE-79
5.4
5.4
2024-12-16 CVE-2024-12666 Unspecified vulnerability in Classcms
A vulnerability has been found in ClassCMS up to 4.8 and classified as critical.
network
low complexity
classcms
8.8
8.8
2024-12-16 CVE-2024-12667 Insufficient Session Expiration vulnerability in Invoiceplane
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic.
network
high complexity
invoiceplane CWE-613
5.9
5.9
2024-12-16 CVE-2024-12662 NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220
A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0.
local
low complexity
iobit CWE-476
5.5
5.5
2024-12-16 CVE-2024-12658 NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic.
local
low complexity
iobit CWE-476
5.5
5.5
2024-12-16 CVE-2024-12659 NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0.
local
low complexity
iobit CWE-476
5.5
5.5
2024-12-16 CVE-2024-12660 NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220
A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0.
local
low complexity
iobit CWE-476
5.5
5.5
2024-12-16 CVE-2024-10095 Deserialization of Untrusted Data vulnerability in Telerik UI for WPF
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.
network
low complexity
telerik CWE-502
critical
 9.8
9.8