Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter. id: CVE-2018-20824 info: name: Atlassian Jira WallboardServlet 7.13.1 - Cross-Site Scripting author:...

CVE-2026-20824

Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally...

CVE-2026-20824 Windows Remote Assistance Security Feature Bypass Vulnerability

...

CVE-2024-20824

Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent...

CVE-2018-20824

creationtimestamp| type| source ---|---|--- 2024-03-18 07:23:33+00:00| published-proof-of-concept| https://t.me/lostsec/164 2025-04-13 12:04:46+00:00| seen| https://gist.github.com/marcostolosa/bf0f4a6ea030bc83c2d8dde8df077407...

CVE-2024-20824

creationtimestamp| type| source ---|---|--- 2024-02-06 04:21:54+00:00| seen| https://t.me/ctinow/179733 2024-02-29 14:22:08+00:00| seen| https://t.me/ctinow/196668...

CVE-2024-20824

Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent...

CVE-2024-20824

Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent...

CVE-2024-20824

CVE-2024-20824 affects Galaxy Store's VoiceSearch. Affected: Galaxy Store versions before 4.5.63.6. Issue: implicit intent hijacking allowing a local attacker to access sensitive information via VoiceSearch. Impact: confidentiality impact reported as High; no integrity or availability impact stat...

Heap overflow

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-20824

In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402...

CVE-2023-20824

CVE-2023-20824 affects duraspeed components (MediaTek context) and is caused by a missing permission check, enabling local information disclosure without extra privileges or user interaction. The vulnerability is described across multiple sources (including Red Hat and NVD records) and is associa...

CVE-2023-20824

In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402...

CVE-2022-20824

creationtimestamp| type| source ---|---|--- 2022-08-26 12:45:05+00:00| seen| https://t.me/truesecator/3342...

CVE-2022-20824

Summary: CVE-2022-20824 affects Cisco FXOS and Cisco NX-OS Software with Cisco Discovery Protocol enabled. The issue stems from improper input validation of values within a Cisco Discovery Protocol message, which can let an unauthenticated, adjacent attacker execute arbitrary code with root privi...

punjabemunicipalityissues.lgpunjab.gov.in Cross Site Scripting vulnerability OBB-2038732

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| punjabemunicipalityissues.lgpunjab.gov....

CVE-2019-20824

CVE-2019-20824 affects Foxit PhantomPDF prior to 8.3.11. The issue is a NULL pointer dereference in Epub processing caused by FXSYS_wcslen. Impact is described as a crash; no exploitation details are provided in the sources. Patch upgrade to 8.3.11 is the stated remedy.

CVE-2019-20824

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYSwcslen in an Epub file...

CVE-2018-20824

CVE-2018-20824 affects Atlassian Jira’s WallboardServlet prior to version 7.13.1. The vulnerability allows remote attackers to inject arbitrary HTML or JavaScript via the cyclePeriod parameter, resulting in a cross-site scripting (XSS) issue. Exploitation context: requires a user to interact (per...

XSS in WallboardServlet through the cyclePeriod parameter - CVE-2018-20824

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the cyclePeriod parameter...