16 matches found
CVE-2026-24355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS. This issue affects Houzez Theme - Functionality: from n/a through = 4.2.6...
CVE-2026-24355
creationtimestamp | type | source
---|---|---
2026-01-22 17:36:56+00:00 | seen | https://gist.github.com/Darkcrai86/9d0c73283778e131b540fd85758fe6e4...
CVE-2026-24355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality allows Stored XSS. This issue affects Houzez Theme - Functionality: from n/a through = 4.2.6...
CVE-2025-24355
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2022-24355
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name...
CVE-2025-24355
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2025-24355
Updatecli (tool) is affected by CVE-2025-24355: when a pipeline uses a maven source with basic auth credentials and the retrieval operation fails, private credentials may be leaked in logs. The issue is resolved in version 0.93.0. Related advisories (GHSA-GHSA: v34R-vJ4R-38J6) describe the same l...
CVE-2025-24355 Updatecli may expose Maven credentials in console output
Updatecli is a tool used to apply file update strategies. Prior to version 0.93.0, private maven repository credentials may be leaked in application logs in case of unsuccessful retrieval operation. During the execution of an updatecli pipeline which contains a maven source configured with basic...
CVE-2022-24355
CVE-2022-24355 affects TP-Link TL-WR940N routers (3.20.1 Build 200316 Rel.34392n) where the httpd parsing of file name extensions fails to validate the length of user-supplied data before copying to a fixed-size stack buffer, enabling network-adjacent, unauthenticated remote code execution as roo...
WordPress Simple 301 Redirects by BetterLinks Plugin < 2.0.4 Multiple Vulnerabilities
The WordPress plugin Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
CVE-2021-24355
creationtimestamp | type | source
---|---|---
2021-06-14 18:37:42+00:00 | seen | https://t.me/cibsecurity/25437...
CVE-2021-24355
The CVE concerns the WordPress plugin Simple 301 Redirects by BetterLinks, versions prior to 2.0.4. The root cause is missing authorization checks and insufficient nonce validation on AJAX endpoints, specifically simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard. This al...
Zyxel Routers Privilege Escalation (CVE-2020-24355)
A Privilege Escalation vulnerability exists in Zyxel VMG5313-B30B router. Successful exploitation of this vulnerability could allow a remote attacker to create new users with elevated privileges and by that damage the affected system...
CVE-2020-24355
CVE-2020-24355 affects Zyxel VMG5313-B30B routers; the vulnerability stems from insecure permissions that let an attacker create new users with elevated privileges by manipulating the FirstIndex field in the account-creation JSON (and possibly during deletion). Affected firmware includes 5.13(ABC...
CVE-2020-24355
Zyxel VMG5313-B30B router on firmware 5.13ABCJ.6b31127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing "FirstIndex" field in JSON that is POST-ed during accoun...
Yahoo Messenger Webcam Viewer ActiveX control buffer overflow
Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...