CVE-2026-24030

creationtimestamp| type| source ---|---|--- 2026-04-10 11:12:06+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mj56tz53fs2q...

Fedora: Security Advisory (FEDORA-2026-637c11815f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-6cae4711b3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2026-24030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of...

DEBIAN-CVE-2026-24030

An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly...

CVE-2026-24030

An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly...

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...

CVE-2025-24030

A flaw was found in Envoy Gateway. This vulnerability allows a user with access to a Kubernetes cluster where Envoy Gateway is installed to use a path traversal attack to execute Envoy Admin interface commands on proxies managed by Envoy Gateway. The admin interface can terminate the Envoy proces...

CVE-2025-24030 vulnerabilities

Vulnerabilities for packages: envoy-gateway...

CVE-2025-24030 vulnerabilities

Vulnerabilities for packages: envoy-gateway...

CVE-2025-24030 Envoy Admin Interface Exposed through prometheus metrics endpoint

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface commands on proxies managed by any version of Envoy Gateway prior...

Siemens InsydeH2O Out-of-bounds Write (CVE-2022-24030)

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. Insyde BIOS is typically used in RUGGEDCO...

CVE-2023-24030

An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a us...

CVE-2023-24030

An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a us...

CVE-2023-24030

CVE-2023-24030 describes an open redirect in Zimbra Collaboration Suite’s /preauth servlet up to versions 9.0 and 8.8.15. An attacker must possess a valid zimbra auth or preauth token to trigger a redirect, potentially sending the user to an attacker‑controlled URL if URL sanitisation is bypassed...

CVE-2022-24030

creationtimestamp| type| source ---|---|--- 2022-02-03 07:29:38+00:00| seen| https://t.me/cibsecurity/36741...

CVE-2022-24030

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM memory corruption vulnerability allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM...

CVE-2022-24030

CVE-2022-24030 affects InsydeH2O’s AhciBusDxe driver. The issue is an SMM memory corruption vulnerability in kernel 5.1–5.5 that allows writing fixed or predictable data to SMRAM, enabling privilege escalation to System Management Mode. Affected kernel/workload context is local with no user inter...

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...

CVE-2021-24030

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0...