WooCommerce Help Scout - Arbitrary File Upload

WooCommerce Help Scout plugin before version 2.9.1 contains an unrestricted file upload vulnerability. The vulnerability allows unauthenticated users to upload arbitrary files to the server which by default will end up in wp-content/uploads/hstmp/ directory, potentially leading to remote code...

CVE-2026-24212

NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

MAL-2025-24212 Malicious code in kamonetucac (npm)

The package kamonetucac was found to contain malicious code...

CVE-2021-24212

The WooCommerce Help Scout WordPress plugin before 2.9.1 https://woocommerce.com/products/woocommerce-help-scout/ allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp...

CVE-2025-24212

This issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2025-24212

This issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox...

CVE-2025-24212

CVE-2025-24212 describes a sandbox-escape issue addressed by Apple via updated checks. Affected platforms include visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4/iPadOS 18.4, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The issue’s root cause is summarized as improved check...

CVE-2024-8817 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2024-8817 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2024-8817

PDF-XChange Editor is affected by a U3D parsing vulnerability that causes an out-of-bounds write, enabling remote code execution. The flaw, arising from insufficient validation of U3D data during parsing, can write past the end of an allocated object and execute code in the attacker’s context. Ex...

CVE-2023-24212

creationtimestamp| type| source ---|---|--- 2023-02-24 03:18:36+00:00| seen| https://t.me/cibsecurity/58837 2025-03-12 14:40:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7303...

CVE-2023-24212

Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg...

CVE-2023-24212

CVE-2023-24212 relates to a stack overflow in the Tenda AX3 firmware (16.03.12.11) triggered by the timeType function in the /goform/SetSysTimeCfg endpoint. The vulnerability affects the affected product via a crafted request over the network (CVSS: 3.1, AV:N, AC:L, PR:N, UI:N, S:U, C:H, I:H, A:H...

CVE-2021-24212

The WooCommerce Help Scout WordPress plugin (

VulnCheck KEV: CVE-2021-24212

The WooCommerce Help Scout WordPress plugin before 2.9.1 https://woocommerce.com/products/woocommerce-help-scout/ allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp...

CVE-2020-24212

...

CVE-2020-24212

CVE-2020-24212 is rejected/not used; this CVE ID represents no active vulnerability entry.