CVE-2026-24402

creationtimestamp| type| source ---|---|--- 2026-01-24 03:05:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5aatfim52h...

CVE-2024-24402

An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...

CVE-2023-24402

Auth. admin+ Cross-Site Scripting XSS vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin = 2.0.18 versions...

CVE-2021-24402

The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an orderid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors...

CVE-2022-24402

The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...

CVE-2025-24402

creationtimestamp| type| source ---|---|--- 2025-01-22 17:16:05+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdun2kurk2w 2025-01-22 17:54:36+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113873287621870613 2025-01-22 18:54:28+00:00| seen|...

CVE-2025-24402

A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...

CVE-2025-24402

A cross-site request forgery CSRF vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method...

CVE-2025-24402

CVE-2025-24402 describes a CSRF vulnerability in Jenkins Azure Service Fabric Plugin

CVE-2024-24402

creationtimestamp| type| source ---|---|--- 2024-02-26 18:26:38+00:00| seen| https://t.me/ctinow/193614 2024-02-26 18:32:15+00:00| seen| https://t.me/ctinow/193621 2024-02-28 00:21:55+00:00| seen| https://t.me/ctinow/194984 2025-02-12 19:08:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/41...

CVE-2024-24402

CVE-2024-24402 affects Nagios XI 2024R1.01, enabling privilege escalation via a crafted script targeting /usr/local/nagios/bin/npcd. Multiple sources (Red Hat, CIRCL, NVD/NASL/Nessus and CVE repositories) confirm the issue and its association with Nagios XI. In published timelines, Nagios has rel...

CVE-2022-24402 Intentionally weakened effective strength in TETRA TEA1

The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks...

CVE-2022-24402

CVE-2022-24402 affects TETRA TEA1: the keystream generator’s key register initialization compresses an 80-bit key to 32 bits, creating insufficient entropy and enabling feasible brute-force search. Documented in multiple sources; no patch details provided in the connected documents. Remediation s...

CVE-2022-24402

creationtimestamp| type| source ---|---|--- 2023-07-25 19:29:22+00:00| seen| https://t.me/truesecator/4656 2023-10-19 14:34:30+00:00| seen| https://t.me/cibsecurity/72560 2024-04-26 21:54:48+00:00| seen| https://t.me/darkcommunityofficial/482...

CVE-2023-24402

Auth. admin+ Cross-Site Scripting XSS vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin = 2.0.18 versions...

CVE-2023-24402

Auth. admin+ Cross-Site Scripting XSS vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin = 2.0.18 versions...

CVE-2023-24402

CVE-2023-24402 affects the WordPress WP Booking System – Booking Calendar plugin for Veribo, with versions

WordPress WP Booking System Plugin <= 2.0.18 is vulnerable to Cross Site Scripting (XSS)

Software WP Booking System Type Plugin Vulnerable versions = 2.0.18 Fixed in 2.0.18.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24402 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5602c1fc4928 Credits Abdi Pranata...

CVE-2021-24402

creationtimestamp| type| source ---|---|--- 2021-09-20 14:26:53+00:00| seen| https://t.me/cibsecurity/29091...

CVE-2020-24402

Magento 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability in the Integrations component. The issue allows authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorization. This is rooted in impro...