84 matches found
MINI-8VQV-636M-2224
Bulletin has no description...
RHCOS 4 : OpenShift Container Platform 4.4.20 jenkins-2-plugins (RHSA-2020:3625)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3625 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...
AlmaLinux 9 : keylime (ALSA-2026:2224)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2224 advisory. keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication CVE-2026-1709 Tenable has...
Oracle Linux 9 : keylime (ELSA-2026-2224)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2224 advisory. 7.12.1-11.4 - CVE-2026-1709: Registrar authentication bypass Resolves: RHEL-145390 Tenable has extracted the preceding description block directly from the Oracl...
EUVD-2026-2224
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
CVE-2025-2224
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parsequery' function in all versions up to, and including, 8.2. This makes it possible fo...
CVE-2025-2224 Directorist <= 8.2 - Missing Authorization to Unauthenticated Arbitrary Post Publishing
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'parsequery' function in all versions up to, and including, 8.2. This makes it possible fo...
CVE-2025-2224
CVE-2025-2224 affects Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings for WordPress. The vulnerability arises from a missing capability check in the parse_query function, allowing unauthenticated attackers to update the post_status of any post to 'publish' across al...
CVE-2023-2224
creationtimestamp| type| source ---|---|--- 2025-01-08 16:20:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/727...
CVE-2024-2224
Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...
CVE-2024-2224
CVE-2024-2224 affects Bitdefender GravityZone UpdateServer and related products: Linux endpoint 7.0.5.200089, Windows endpoint 7.9.9.380, GravityZone Control Center On Premises 6.36.1. The issue is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the UpdateServer...
CVE-2024-2224 Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)
Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...
WordPress Seo By 10Web Cross Site Scripting
Tittle: WordPress Plugin Seo By 10Web 4. Save to trigger the XSS. Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting XSS CWE-79 wpScan: https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992...
openSUSE 15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2023:2224-2)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2224-2 advisory. This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check...
Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-2224)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-2224 Seo By 10Web < 1.2.7 - Admin+ Stored XSS
The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2224
The SEO by 10Web WordPress plugin before 1.2.7 is vulnerable to Stored XSS due to insufficient sanitisation/escaping of settings. High-privilege users (admin) could exploit this—even when unfiltered_html is disallowed in multisite environments. Affected versions:
CVE-2023-2224 Seo By 10Web < 1.2.7 - Admin+ Stored XSS
The SEO by 10Web WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Seo By 10Web Plugin < 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Seo By 10Web Type Plugin Vulnerable versions 1.2.7 Fixed in 1.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2224 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7380d78d51b0 Credits Taurus Omar Required privileg...
Debian: Security Advisory (DLA-561-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...