CVE-2026-24313

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

Device Plugins for Kubernetes Advisory

Summary: A potential security vulnerability for some Device Plugins for Kubernetes software maintained by Intel may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24313 Description: Improper access...

CVE-2021-24313

The WP Prayer WordPress plugin before 1.6.2 provides the functionality to store requested prayers/praises and list them on a WordPress website. These stored prayer/praise requests can be listed by using the WP Prayer engine. An authenticated WordPress user with any role can fill in the form to...

CVE-2024-8828

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-8828 PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-8828 PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

grafana security update

9.2.10-8 - Rebuild with latest version of golang - resolve RHEL-24313...

CVE-2022-24313

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server V15.0.0.22020...

CVE-2022-24313

CVE-2022-24313 is a stack-based buffer overflow in Schneider Electric IGSS Data Server (IGSSdataServer.exe) affecting v15.0.0.22020 and earlier. The vulnerability arises from copying user-supplied data into a fixed-size stack buffer, enabling remote code execution. Public advisories describe expl...

CVE-2021-24313

The WP Prayer WordPress plugin before 1.6.2 provides the functionality to store requested prayers/praises and list them on a WordPress website. These stored prayer/praise requests can be listed by using the WP Prayer engine. An authenticated WordPress user with any role can fill in the form to...

CVE-2021-24313

The WP Prayer WordPress plugin (before 1.6.2) contains an authenticated stored XSS vulnerability in the prayer/praise request form. The issue arises because the 'prayer request' and 'praise request' fields do not properly validate input, allowing an authenticated user to store XSS payloads that c...

CVE-2020-24313

Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "AppointmentID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially...

CVE-2020-24313

CVE-2020-24313 affects Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin (versions 1.1.9 and lower). The issue is a reflected XSS in which the GET parameter Appointment_ID is echoed back inside an input tag without sanitization, enabling attacker-controlled script via a...