CVE-2026-24148

creationtimestamp| type| source ---|---|--- 2026-03-31 17:29:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3miepbcnduy2c 2026-03-31 19:15:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miev6tyebb24 2026-03-31 19:20:10+00:00| seen|...

CVE-2020-24148

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

CVE-2025-24148

This issue was addressed with improved handling of executable types. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious JAR file may bypass Gatekeeper checks...

CVE-2025-24148

This issue was addressed with improved handling of executable types. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious JAR file may bypass Gatekeeper checks...

CVE-2025-24148

CVE-2025-24148 affects macOS where the issue stems from improved handling of executable types, allowing a malicious JAR to bypass Gatekeeper checks. Active impact details in the provided data come from macOS updates: Ventura 13.7.5, Sequoia 15.4, and Sonoma 14.7.5 address the vulnerability. The C...

CVE-2025-24148

This issue was addressed with improved handling of executable types. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious JAR file may bypass Gatekeeper checks...

CVE-2025-24148

This issue was addressed with improved handling of executable types. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious JAR file may bypass Gatekeeper checks...

CVE-2024-24148

creationtimestamp| type| source ---|---|--- 2024-02-28 21:26:56+00:00| seen| https://t.me/ctinow/195878 2024-02-28 21:27:06+00:00| seen| https://t.me/ctinow/195888...

CVE-2024-24148

A memory leak issue discovered in parseSWFFREECHARACTER in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file...

CVE-2024-24148

CVE-2024-24148 corresponds to a memory-leak vulnerability in the libming library (libming v0.4.8) affecting the parseSWF_FREECHARACTER function. The issue permits denial-of-service via a crafted SWF file and is supported by multiple sources in the Connected documents (e.g., NVD/NasL/Red Hat/Ubunt...

CVE-2023-24148

creationtimestamp| type| source ---|---|--- 2023-02-03 18:20:58+00:00| seen| https://t.me/cibsecurity/57462...

CVE-2023-24148

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadUserData function...

CVE-2023-24148

The CVE-2023-24148 entry applies to TOTOLINK CA300-PoE, firmware version V6.2c.884, which contains a command-injection vulnerability in the FileName parameter of the setUploadUserData function. The issue is documented across multiple sources (NVD/Red Hat/CNNVD and others) with a CVSS v3.1 base sc...

CVE-2023-24148

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadUserData function...

Tenda AX3 Router Command Injection (CVE-2022-24148; CVE-2022-24150)

A command injection vulnerability exists in Tenda AX3 router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2022-24148

creationtimestamp| type| source ---|---|--- 2022-02-04 07:30:39+00:00| seen| https://t.me/cibsecurity/36807...

CVE-2022-24148

The CVE-2022-24148 entry concerns Tenda AX3 router (v16.03.12.10_CN). A command injection exists in the mDMZSetCfg function, exploitable via the dmzIp parameter, allowing an attacker to execute arbitrary commands. Multiple sources describe remote, unauthenticated threat enabling high-impact outco...

Exploit for Server-Side Request Forgery in Mooveagency Import_Xml_And_Rss_Feeds

CVE-2020-24148 Server-side request forgery SSRF in the Impo...

CVE-2020-24148

Server-side request forgery SSRF in the Import XML and RSS Feeds import-xml-feed plugin 2.0.1 for WordPress via the data parameter in a moovereadxml action...

CVE-2020-24148

The CVE-2020-24148 entry is concrete: WordPress Import XML and RSS Feeds (import-xml-feed) plugin is affected up to version 2.0.1. The flaw is a server-side request forgery (SSRF) via the data parameter in the moove_read_xml action, implemented when the plugin fetches a URL using data as input (v...