22 matches found
📄 Kiuwan SAST 2.8.2412.0 Improper Enforcement
It was found out that a user is still able to login at the Kiuwan WebUI via SSO, even if the Kiuwan mapped account has been disabled in the user settings by an admin. This issue has been addressed in version 2.8.2509.4. SEC Consult Vulnerability Lab Security Advisory...
CVE-2026-24069
Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-premise KOP was affected before 2.8.2509.4...
CVE-2025-24069 Windows Storage Management Provider Information Disclosure Vulnerability
...
CVE-2025-24069
CVE-2025-24069 is an out-of-bounds read in the Windows Storage Management Provider that permits an authorized local attacker to disclose information. Affected component: Windows Storage Management Provider. CVSS: Local attack, Low privileges required, no user interaction, Confidentiality impact H...
CVE-2025-24069
creationtimestamp| type| source ---|---|--- 2025-06-10 15:24:53+00:00| seen| https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review 2025-06-20 01:42:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18893...
CVE-2023-24069
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...
CVE-2022-24069
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in...
Siemens InsydeH2O SMM Privilege Escalation (CVE-2022-24069)
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in...
CVE-2023-24069
creationtimestamp| type| source ---|---|--- 2023-01-23 12:24:46+00:00| seen| https://t.me/cibsecurity/56826 2023-01-23 22:03:32+00:00| seen| https://t.me/zatelecom/24451 2023-01-24 12:46:22+00:00| published-proof-of-concept| https://t.me/NeKaspersky/2796 2023-01-24 14:04:15+00:00|...
CVE-2023-24069
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...
CVE-2023-24069
Signal Desktop before 6.2.0 (Windows/Linux/macOS) is affected by CVE-2023-24069 and CVE-2023-24068, with confirmed details in Red Hat advisories and NVD/osv entries. The issue centers on attachments.noindex: attackers with local filesystem access can access potentially sensitive attachments store...
CVE-2022-24069
An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in...
CVE-2022-24069
CVE-2022-24069 is an SMM callout vulnerability in InsydeH2O’s AhciBusDxe driver. Root cause: unverified SMM communication flow could allow an attacker to hijack execution in System Management Mode, potentially escalating privileges to SMM. Affected products use InsydeH2O BIOS/firmware; kernel ran...
CVE-2021-24069
Microsoft Excel Remote Code Execution Vulnerability...
CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability
...
CVE-2021-24069
CVE-2021-24069 is an Excel remote code execution vulnerability (Microsoft Excel/Office components). Public details in connected sources indicate a vulnerability class: remote code execution via Excel, with affected products spanning Microsoft Excel/Office versions referenced in Microsoft advisori...
Microsoft Excel 2013 Remote Code Execution Vulnerabilities (KB4493211)
This host is missing an important security update according to Microsoft KB4493211 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Excel 2016 Remote Code Execution Vulnerabilities (KB4493196)
This host is missing an important security update according to Microsoft KB4493196 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Excel 2010 Remote Code Execution Vulnerabilities (KB4493222)
This host is missing an important security update according to Microsoft KB4493222 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Description of the security update for Excel 2013: February 9, 2021 (KB4493211)
Description of the security update for Excel 2013: February 9, 2021 KB4493211 Summary This security update resolves Microsoft Excel Remote Code Execution Vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...