14 matches found
CVE-2026-24363

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-26 21:34:08+00:00 | seen | Telegram/xJezgFr2WDWEMFIRLHcqUi9P6zOwR7kCz2QloATB-ENA7I... |

CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2020-24363: TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability. CVE-2025-55177: Meta Platforms WhatsApp...
CVE-2025-24363
The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...
CVE-2022-24363
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli (>=1.1.0 <=1.2.36) potentially affected by CVE-2025-24363 via org.hl7.fhir.publisher:org.hl7.fhir.publisher.core (>=1.1.0 <=1.2.9)
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core MAVEN version =1.1.0, =1.1.0, =1.2.36 Source cves: CVE-2025-24363 Source advisory: OSV:GHSA-6729-95V3-PJC2...
CVE-2025-24363
The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...
CVE-2025-24363

| creationtimestamp | type | source |
|---|---|---|
| 2025-01-24 19:05:30+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/2993 |
| 2025-01-24 21:06:17+00:00 | seen | https://t.me/cvedetector/16339... |

CVE-2025-24363 The HL7 FHIR IG publisher may potentially expose GitHub repo user and credential information
The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...
CVE-2022-24363
Foxit PDF Reader 11.1.0.52543 is affected by CVE-2022-24363 due to improper handling of Annotation objects. The flaw stems from not validating the existence of an object before performing operations, enabling remote code execution in the current process when a user visits a malicious page or open...
CVE-2021-24363

| creationtimestamp | type | source |
|---|---|---|
| 2021-08-16 14:14:45+00:00 | seen | Telegram/RMQXlD7pC7EpoyI-cfuXCouwMVOO7BXPITQTMhECR2XDG7Q... |

CVE-2021-24363
CVE-2021-24363 affects the WordPress plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery, prior to version 1.5.75. The vulnerability arises from improper enforcement that uploaded files stay within the plugin’s uploads folder, enabling a path traversal that could allow high-privilege us...
CVE-2021-24363 Photo Gallery < 1.5.75 - File Upload Path Traversal
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector...
TP-Link TL-WA855RE V5_200415 Device Reset Authentication Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
CVE-2020-24363
CVE-2020-24363 affects TP-Link TL-WA855RE V5 (20200415-rel37464). An unauthenticated attacker on the same network can submit a TDDP_RESET POST request to trigger a factory reset/reboot and then set a new administrative password, leading to incorrect access control. The vulnerability is classified...