AlmaLinux 8 : frr (ALSA-2026:24340)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:24340 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 Tenable has extracted the preceding description block directly from the AlmaLinux security...

CVE-2026-24340

Not used...

PT-2026-4639

CVE-2026-24340 - Fortinet SSL/TLS Denial of Service CVE ID : CVE-2026-24340 Published : Jan. 23, 2026, 5:16 a.m. | 1 hour, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2025-24340

A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated low-privileged attacker to recover the plaintext passwords of other users...

CVE-2025-24340

creationtimestamp| type| source ---|---|--- 2025-04-30 11:13:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14004 2025-04-30 13:55:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnzx4i5m2l2h 2025-04-30 14:34:03+00:00| seen| https://t.me/cvedetector/24083 2025-06-16...

CVE-2022-24340

creationtimestamp| type| source ---|---|--- 2022-02-25 18:20:44+00:00| seen| https://t.me/cibsecurity/38091...

CVE-2022-24340

CVE-2022-24340 (TeamCity) represents an XML External Entity (XXE) vulnerability in JetBrains TeamCity prior to 2021.2.1, triggered during parsing of configuration files. The issue could impact confidentiality, integrity, and availability to a high degree, as indicated by the CVSS data (high/criti...

CVE-2021-24340

The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress escsql function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including...

CVE-2021-24340 WP Statistics < 13.0.8 - Unauthenticated SQL Injection

The WP Statistics WordPress plugin before 13.0.8 relied on using the WordPress escsql function on a field not delimited by quotes and did not first prepare the query. Additionally, the page, which should have been accessible to administrator only, was also available to any visitor, including...

CVE-2021-24340

The WordPress WP Statistics plugin (versions prior to 13.0.8) is affected by an unauthenticated time-based blind SQL injection. Root cause: the plugin used esc_sql() on a field not delimited by quotes and did not first prepare the query, with an admin page exposed to unauthenticated visitors. Imp...

CVE-2020-24340

The CVE-2020-24340 issue affects picoTCP/picoTCP-NG (through 1.7.0) in the DNS response processing code path pico_mdns_handle_data_as_answers_generic() in pico_mdns.c, where it fails to validate that the header’s number of DNS answers matches the actual packet data. This can cause an out-of-bound...

otago.ac.nz XSS vulnerability

Vulnerable URL: http://www.otago.ac.nz/contacts/search/index.html?query=%27%22%3E%3Csvg%2Fonload%3Dconfirm%28%2FOPENBUGBOUNTY%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:57 GMT Vulnerability type:| XSS Vulnerability status:|...

CVE-2026-24340

...