41 matches found
CVE-2026-24455
The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network...
EUVD-2024-50334
Malicious code in bioql PyPI...
CVE-2023-24455
Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2024-24455
An invalid memory access when handling a UE Context Release message containing an invalid UE identifier in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload...
CVE-2024-9739
CVE-2024-9739 affects Tungsten Automation Power PDF. The vulnerability arises in PDF file parsing due to insufficient validation of user-supplied data, leading to a memory corruption condition. This can allow arbitrary code execution in the context of the affected process and requires user intera...
CVE-2024-9739 Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that...
CVE-2023-24455
CVE-2023-24455 affects the Jenkins visualexpert plugin (versions 1.3 and earlier). The issue arises from not restricting file names in methods implementing form validation, enabling attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenki...
CVE-2020-24455 affecting package tpm2-tss for versions less than 2.4.6-1
CVE-2020-24455 affecting package tpm2-tss for versions less than 2.4.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-24455
Windows CD-ROM Driver Elevation of Privilege Vulnerability...
CVE-2022-24455 Windows CD-ROM Driver Elevation of Privilege Vulnerability
...
CVE-2022-24455
CVE-2022-24455 affects the Microsoft Windows CD-ROM Driver. The vulnerability is an Elevation of Privilege in the CD-ROM driver that could allow an attacker to execute arbitrary code with elevated privileges on Windows systems. The CNVD entry corroborates a Windows CD-ROM Driver EoP and notes pot...
KB5011495: Windows 10 Version 1607 and Windows Server 2016 Security Update (March 2022)
The remote Windows host is missing security update 5011495. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23283, CVE-2022-23284, CVE-2022-23287, CVE-2022-23290, CVE-2022-23293,...
KB5011491: Windows 10 LTS 1507 Security Update (March 2022)
The remote Windows host is missing security update 5011491. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23283, CVE-2022-24459, CVE-2022-23284, CVE-2022-23296, CVE-2022-23287,...
KB5011503: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2022)
The remote Windows host is missing security update 5011503. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23288, CVE-2022-23284, CVE-2022-24455, CVE-2022-23296, CVE-2022-24459,...
KB5011527: Windows Server 2012 Security Update (March 2022)
The remote Windows host is missing security update 5011535 or cumulative update 5011527. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23290, CVE-2022-23284, CVE-2022-24459,...
CVE-2020-24455 affecting package tpm2-tss 2.4.0-1
CVE-2020-24455 affecting package tpm2-tss 2.4.0-1. An upgraded version of the package is available that resolves this issue...