MiracleLinux 4 : AXSA:2021-1624:05: thunderbird-78.9.0-3.0.1.AXS4 (AXSA_2021-1624_05)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1624:05 advisory. Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memory safety bugs fixed in Firefox 87...
CVE-2025-1624
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2022-1624
The Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2011-1624
Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631...
CVE-2025-1624
creation_timestamp | type | source
---|---|---
2025-03-16 06:46:06+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/7700
2025-03-16 08:00:51+00:00 | seen | https://t.me/cvedetector/20401...
CVE-2025-1624 GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS
The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2025-1624
CVE-2025-1624 concerns the GDPR Cookie Compliance WordPress plugin prior to 4.15.9, where insufficient sanitization/escaping of certain settings enables Stored XSS by high-privilege users (e.g., admins), including multisite scenarios. The root cause is lack of input sanitization in plugin setting...
Linux Distros Unpatched Vulnerability : CVE-2010-1624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of servi...
CVE-2024-1624
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release...
SUSE SLED15 / SLES15 Security Update : python-Werkzeug (SUSE-SU-2024:1624-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1624-2 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain...
openSUSE Security Advisory (SUSE-SU-2024:1624-1)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1624)
The remote host is missing an update for the Huawei EulerOS...
CVE-2024-1624
creation_timestamp | type | source
---|---|---
2024-03-01 17:26:22+00:00 | seen | https://t.me/ctinow/197810
2024-03-01 17:26:32+00:00 | seen | https://t.me/ctinow/197820
2024-03-02 16:46:34+00:00 | seen | https://t.me/ctinow/198411...
CVE-2024-1624 OS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA Composer
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release...
CVE-2024-1624
The CVE-2024-1624 entry describes an OS Command Injection vulnerability affecting the documentation server in Dassault Systèmes’ 3DEXPERIENCE platform (R2022x–R2024x), SIMULIA Abaqus (2022–2024), SIMULIA Isight (2022–2024), and CATIA Composer (R2023–R2024). The underlying issue is an OS command i...
Rocky Linux 8 : php:7.2 (RLSA-2020:1624)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1624 advisory. - In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an...
Oracle Linux 8 : php:7.2 (ELSA-2020-1624)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1624 advisory. - An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode can allow a hostile XMLRPC...
CVE-2023-1624
The WPCode WordPress plugin before 2.0.9 has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. This could allow attackers to make users with the wpcode_activate_snippets capability delete arbitrary log files on the server, including...