
51 matches found

Tenable Nessus
added 2026/06/11 12:0 a.m. | 6 views

RockyLinux 10 : cockpit-image-builder (RLSA-2026:24331)

The remote RockyLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:24331 advisory. - lodash: prototype pollution in _.unset and _.omit functions (CVE-2025-13465) - lodash: lodash: Arbitrary code execution via untrusted input in template impor...

CVSS 9.8 | AI score 6 | EPSS 0.01735
Exploits 0 | References 5

OSV
added 2026/06/08 10:6 a.m. | 13 views

RHSA-2026:24331 Red Hat Security Advisory: cockpit-image-builder security update

Bulletin has no description...

CVSS 8.2 | AI score 6.3 | EPSS 0.01735
Exploits 0 | References 16

Circl
added 2025/07/02 12:47 p.m. | 14 views

CVE-2025-24331

| creationtimestamp | type | source |
|---|---|---|
| 2025-07-02 12:47:34+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114783712216991743 |
| 2025-07-02 13:07:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsybt2ut3h2i... |

CVSS 6.4 | AI score 4.8 | EPSS 0.00135
Exploits 0 | References 2

NVD
added 2025/07/02 9:15 a.m. | 5 views

CVE-2025-24331

The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive after the privile...

CVSS 6.4 | EPSS 0.00135
Exploits 0 | References 1

Tenable Nessus
added 2025/06/16 12:0 a.m. | 6 views

TencentOS Server 3: trousers (TSSA-2022:0091)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0091 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 7.8 | AI score 6.8 | EPSS 0.00553
Exploits 3 | References 4

RedhatCVE
added 2025/05/23 1:54 a.m. | 7 views

CVE-2023-24331

Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816A2v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter...

CVSS 9.8 | AI score 7.7 | EPSS 0.02122
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 9:3 p.m. | 6 views

CVE-2021-24331

The Smooth Scroll Page Up/Down Buttons WordPress plugin before 1.4 did not properly sanitise and validate its settings, such as psbdistance, psbbuttonsize, psbspeed, only validating them client side. This could allow high privilege users such as admin to set XSS payloads in them...

CVSS 4.8 | AI score 5.7 | EPSS 0.00652
Exploits 2 | References 1

Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2020-24331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the...

CVSS 7.8 | AI score 7.5 | EPSS 0.00486
Exploits 1 | References 4

Tenable Nessus
added 2024/05/11 12:0 a.m. | 23 views

RHEL 5 : trousers (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root...

AI score 7.2 | EPSS 0.00553
Exploits 3 | References 3

CBLMariner
added 2024/03/19 5:21 p.m. | 24 views

CVE-2020-24331 affecting package trousers for versions less than 0.3.14-7

CVE-2020-24331 affecting package trousers for versions less than 0.3.14-7. A patched version of the package is available...

CVSS 7.8 | AI score 7.8 | EPSS 0.00486
Exploits 1

ATTACKERKB
added 2024/02/21 9:15 p.m. | 3 views

CVE-2023-24331

Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816A2v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter...

CVSS 9.8 | AI score 6 | EPSS 0.02122
Exploits 1 | References 2

CVE
added 2024/02/21 12:0 a.m. | 48 views

CVE-2023-24331

Affected device: D-Link DIR-816 router, firmware DIR-816_A2_v1.10CNB04. Issue: Command Injection via the urlAdd parameter that enables attackers to execute arbitrary commands. Documents do not specify exploit details beyond this vector or a concrete remediation; no explicit exploit availability i...

CVSS 9.8 | AI score 7.6 | EPSS 0.02122
Exploits 1 | References 1 | Affected Software 1

Circl
added 2024/01/30 4:22 p.m. | 8 views

CVE-2024-24331

| creationtimestamp | type | source |
|---|---|---|
| 2024-01-30 16:22:12+00:00 | seen | https://t.me/ctinow/176045 |
| 2024-02-01 08:16:22+00:00 | seen | https://t.me/ctinow/177355 |
| 2024-02-22 08:08:05+00:00 | seen | https://t.me/ctinow/190520... |

CVSS 9.8 | AI score 8.7 | EPSS 0.01615
Exploits 1 | References 3

Vulnrichment
added 2024/01/30 12:0 a.m. | 7 views

CVE-2024-24331

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function...

AI score 8.1 | EPSS 0.01615
Exploits 1 | References 1

CVE
added 2024/01/30 12:0 a.m. | 156 views

CVE-2024-24331

CVE-2024-24331 affects TOTOLINK A3300R, specifically version 17.0.0cu.557_B20221024, where a command-injection flaw exists in the setWiFiScheduleCfg function via the enable parameter. The issue is rated with high impact (CVSS v3.1: CRITICAL, 9.8) across confidentiality, integrity, and availabilit...

CVSS 9.8 | AI score 9.7 | EPSS 0.01615
Exploits 1 | References 1 | Affected Software 1

CBLMariner
added 2022/04/09 6:51 a.m. | 24 views

CVE-2020-24331 affecting package trousers for versions less than 0.3.14-7

CVE-2020-24331 affecting package trousers for versions less than 0.3.14-7. A patched version of the package is available...

CVSS 7.8 | AI score 7.9 | EPSS 0.00486
Exploits 1

Circl
added 2022/02/25 6:20 p.m. | 7 views

CVE-2022-24331

| creationtimestamp | type | source |
|---|---|---|
| 2022-02-25 18:20:59+00:00 | seen | https://t.me/cibsecurity/38098... |

CVSS 9.8 | AI score 8.7 | EPSS 0.01128
Exploits 0 | References 1

Cvelist
added 2022/02/25 2:35 p.m. | 31 views

CVE-2022-24331

In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible...

AI score 9.8 | EPSS 0.01128
Exploits 0 | References 2

CVE
added 2022/02/25 2:35 p.m. | 106 views

CVE-2022-24331

CVE-2022-24331 affects JetBrains TeamCity prior to 2021.1.4, where GitLab authentication impersonation is possible. This vulnerability enables impersonation by abusing GitLab authentication flows, with impact described as high to critical in CVSS scores (NETWORK, no auth required, user impact and...

CVSS 9.8 | AI score 9.5 | EPSS 0.01128
Exploits 0 | References 2 | Affected Software 1

Tenable Nessus
added 2022/02/09 12:0 a.m. | 33 views

AlmaLinux 8 : trousers (ALSA-2021:1627)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1627 advisory. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the...

CVSS 7.8 | AI score 6.8 | EPSS 0.00553
Exploits 3 | References 4