
19 matches found

RedhatCVE
added 2026/06/05 7:29 p.m. | 5 views

CVE-2026-24468

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaigns and tests. Starting in version 1.11.0 and prior to version 2.0.13, the /api/reset endpoint behaves differently depending on whether the supplied username exists in the syste...

CVSS 5.3 | AI score 5.5 | EPSS 0.00085
Exploits 0 | References 1
Circl
added 2025/08/23 4:53 a.m. | 5 views

CVE-2025-24468

creationtimestamp | type | source
---|---|---
2025-08-23 04:53:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lx26hl7wpj2k...

AI score 7.3
Exploits 0 | References 1
Vulnrichment
added 2024/11/22 9:2 p.m. | 11 views

CVE-2024-9751 Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in tha...

CVSS 7.8 | AI score 8 | EPSS 0.00717
Exploits 0 | References 1
Cvelist
added 2024/11/22 9:2 p.m. | 16 views

CVE-2024-9751 Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in tha...

CVSS 7.8 | EPSS 0.00717
Exploits 0 | References 1
CVE
added 2024/11/22 9:2 p.m. | 48 views

CVE-2024-9751

CVE-2024-9751 describes an out-of-bounds read in Tungsten Automation Power PDF due to JP2 file parsing. The flaw arises from insufficient validation of JP2-derived data, allowing an attacker to read past the end of an allocated object and potentially execute code in the processor’s context. Explo...

CVSS 7.8 | AI score 8 | EPSS 0.00717
Exploits 0 | References 1 | Affected Software 1
Circl
added 2024/02/05 5:22 p.m. | 1 views

CVE-2024-24468

creationtimestamp | type | source
---|---|---
2024-02-05 17:22:26+00:00 | seen | https://t.me/ctinow/179354
2024-02-08 02:16:40+00:00 | seen | https://t.me/ctinow/181093
2024-02-29 09:56:49+00:00 | seen | https://t.me/ctinow/196420...

CVSS 8.8 | AI score 8.1 | EPSS 0.01613
Exploits 1 | References 3
OSV
added 2024/02/05 4:15 p.m. | 4 views

CVE-2024-24468

Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addcustomblock.php...

CVSS 8.8 | AI score 7.8
Exploits 0 | References 1
Cvelist
added 2024/02/05 12:0 a.m. | 13 views

CVE-2024-24468

Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the addcustomblock.php...

AI score 9.1 | EPSS 0.01613
Exploits 1 | References 1
CVE
added 2024/02/05 12:0 a.m. | 49 views

CVE-2024-24468

CVE-2024-24468 affects flusity-CMS v2.33. A Cross Site Request Forgery allows a remote attacker to execute arbitrary code via add_customblock.php. Severity according to NVD/CVE data is high (CVSS v3.1: 8.8; AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The vulnerability impact is described as remote arbi...

CVSS 8.8 | AI score 8.8 | EPSS 0.01613
Exploits 1 | References 1 | Affected Software 1
CVE
added 2023/03/15 12:0 a.m. | 95 views

CVE-2023-24468

CVE-2023-24468 affects NetIQ Advanced Authentication. The issue is broken access control in versions prior to 6.4.1.1 and 6.3.7.2. The NVD entry assigns a CVSS v3.1 base score of 9.8 (CRITICAL) with NETWORK attack vector, no user interaction, and high impact on confidentiality, integrity, and ava...

CVSS 9.8 | AI score 9.3 | EPSS 0.00671
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2023/03/15 12:0 a.m. | 16 views

CVE-2023-24468

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2...

AI score 9.6 | EPSS 0.00671
Exploits 0 | References 2
Tenable Nessus
added 2022/08/30 12:0 a.m. | 36 views

Security Updates for Microsoft Azure Site Recovery (March 2022)

The Microsoft Azure Site Recovery installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

CVSS 9 | AI score 8 | EPSS 0.09894
Exploits 0 | References 12
Circl
added 2022/03/09 8:17 p.m. | 3 views

CVE-2022-24468

creationtimestamp | type | source
---|---|---
2022-03-09 20:17:58+00:00 | seen | https://t.me/cibsecurity/38596...

CVSS 7.2 | AI score 7.4 | EPSS 0.07054
Exploits 0 | References 1
CVE
added 2022/03/09 5:7 p.m. | 204 views

CVE-2022-24468

CVE-2022-24468 is a remote code execution vulnerability in Microsoft Azure Site Recovery (specifically the VMware-to-Azure recovery scenario). The NVD/MSR entries indicate a network-accessible flaw with a base CVSSv3.1 score of 7.2 (HIGH) and an impact profile of high confidentiality, integrity, ...

CVSS 7.2 | AI score 7.3 | EPSS 0.07054
Exploits 0 | References 1 | Affected Software 1
NVD
added 2021/08/02 11:15 a.m. | 9 views

CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...

CVSS 5.4 | EPSS 0.0018
Exploits 2 | References 1
CVE
added 2021/08/02 10:32 a.m. | 40 views

CVE-2021-24468

CVE-2021-24468 affects the WordPress Leaflet Map plugin up to version 3.0.0, where shortcode attributes are not escaped before use in JavaScript/HTML, enabling stored XSS by users with a role as low as Contributor. The impact is stored XSS; remediation is to update to v3.0.0 or newer (per provided records).

CVSS 5.4 | AI score 5.3 | EPSS 0.0018
Exploits 2 | References 1 | Affected Software 1
Cvelist
added 2021/08/02 10:32 a.m. | 14 views

CVE-2021-24468 Leaflet Map < 3.0.0 - Contributor+ Stored XSS

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...

AI score 5.5 | EPSS 0.0018
Exploits 2 | References 1
Openbugbounty
added 2016/07/22 5:50 p.m. | 8 views

jollychic.com XSS vulnerability

Vulnerable URL: http://www.jollychic.com/topic/editor-choice-t3781.html?lcid="

Details:

Description | Value
---|---
Patched: | Yes, at
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 24468
VIP website status: | Yes
Check jollychic.com SSL connection: | Grade: A-...

AI score 6.3
Exploits 0
CVE
added 1976/01/01 12:0 a.m. | 20 views

CVE-2020-24468

CVE-2020-24468 is rejected/not used and does not represent an active vulnerability entry.

AI score 6.7
Exploits 0