CVE-2021-24461

The getfaqs function in the FAQ Builder AYS WordPress plugin before 1.3.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

CVE-2025-24461

CVE-2025-24461 affects JetBrains TeamCity prior to 2024.12.1. The issue allows decryption of connection secrets without proper permissions via the Test Connection endpoint, exposing high confidentiality impact with no reported integrity or availability changes. Affected component: Test Connection...

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint...

CVE-2024-9745

Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...

CVE-2024-9745 Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...

CVE-2024-9745 Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...

F5 BIG-IP Edge Client Windows Component Installer < 7.2.4.1 Improper Certificate Validation (K000132539)

The version of the Big-IP Edge Client Windows Component Installer installed on the remote Windows host is before 7.2.4.1. An improper certificate validation vulnerability exists in BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. CVE-2023-2446...

CVE-2023-24461

CVE-2023-24461 describes an improper certificate validation vulnerability in the BIG-IP Edge Client for Windows and macOS that may allow an attacker to impersonate a BIG-IP APM system. Connected advisories specify affected product families and fixed versions: BIG-IP Edge Client on 17.x is vulnera...

CVE-2023-24461 BIG-IP Edge Client for Windows and macOS vulnerability

An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000132539: BIG-IP Edge Client for Windows and macOS vulnerability CVE-2023-24461

Security Advisory Description An improper certificate validation vulnerability exists in BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. CVE-2023-24461 Impact An unauthenticated attacker with a man-in-the-middle MITM position may exploit this...

CVE-2020-24461

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

Microsoft SharePoint Remote Code Execution Vulnerability (CNVD-2025-24461)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code executi...

Security Updates for Microsoft Office Products C2R (March 2022)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Multiple code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-24461, CVE-2022-24509,...

Security Updates for Microsoft Visio Products (March 2022) (deprecated)

This plugin has been deprecated to be brought in line with Tenable's C2R plugin policy. Pleas use smbntms22marvisioc2r.nasl instead. %NASLMINLEVEL 70300 C Tenable, Inc. @DEPRECATED@ Disabled on 2022/06/09. Deprecated by smbntms22marvisioc2r.nasl. include'deprecatednasllevel.inc';...

Security Updates for Microsoft Office Products (March 2022) (deprecated)

This plugin has been deprecated to be brought in line with Tenable's C2R plugin policy. Pleas use smbntms22marofficec2r.nasl instead. %NASLMINLEVEL 70300 C Tenable, Inc. @DEPRECATED@ Disabled on 2022/06/09. Deprecated by smbntms22marofficec2r.nasl. include'deprecatednasllevel.inc';...

CVE-2022-24461

creationtimestamp| type| source ---|---|--- 2022-03-09 20:12:06+00:00| seen| https://t.me/cibsecurity/38584...

CVE-2022-24461

Microsoft Office Visio Remote Code Execution Vulnerability...

CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability

...

CVE-2022-24461

CVE-2022-24461 affects Microsoft Office Visio, with a boundary/EMF processing flaw in EMR_COMMENT_EMFPLUS records that allows remote code execution. Public metadata reports a high-severity impact (CVSSv3.1: Local, Low/None Privilege, UI Required, with High Confidentiality, Integrity, and Availabi...