22 matches found
CVE-2026-24477
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-27 03:32:56+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdet5sfbzm2n |
| 2026-01-29 02:12:43+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdjpm6pwfj2a |
| 2026-03-17 06:30:09+00:00 | confirmed | ... |
CVE-2026-24477
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticate...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
Fortinet FortiOS is affected by a heap-based buffer overflow allowing privilege escalation via specially crafted CLI commands. Affected versions include FortiOS 7.6.0–7.6.2, 7.4.0–7.4.7, and 7.2.4–7.2.12 (per CVE-2025-24477). The underlying issue is described as a boundary checking/heap overflow ...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
Fortinet Fortigate Heap-based buffer overflow in cw_stad daemon (FG-IR-25-026)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-026 advisory. - A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through...
CVE-2023-24477
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-09 12:16:05+00:00 | seen | https://t.me/cibsecurity/68071 |

...
CVE-2023-24477
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain access to the original user's session...
CVE-2023-24477 Session Fixation in Guardian/CMC before 22.6.2
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain access to the original user's session...
CVE-2023-24477
CVE-2023-24477 affects Nozomi Guardian/CMC; before 22.6.2, due to timing with Chrome, logout does not always fully invalidate the user session. This creates a local, authenticated attacker capability to access the original user session. Connected sources (Siemens/CISA advisories and vendor notes)...
CVE-2020-24477
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
Security Updates for Exchange (October 2022)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21979,CVE-2022-30134,...
CVE-2022-24477
| creationtimestamp | type | source |
|---|---|---|
| 2022-08-29 20:46:30+00:00 | published-proof-of-concept | https://t.me/avleonovrus/79 |

...
Security Updates for Exchange (August 2022)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21979,CVE-2022-30134,...
CVE-2022-24477
CVE-2022-24477 is a Microsoft Exchange Server Elevation of Privilege vulnerability affecting Exchange Server 2013 CU23, 2016 CU22/23, and 2019 CU11/12. It stems from an incorrect call to a high‑level native procedure, enabling an authenticated attacker to elevate privileges and access mailboxes (...
CVE-2022-24477 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
Vulnerabilities fixed in Microsoft Exchange Server
Vulnerabilities have been fixed in Microsoft Exchange Server. The vulnerabilities allow a malicious party to gain access to sensitive data or obtain elevated privileges. The vulnerability with reference CVE-2022-24477 allows an authenticated malicious person to gain access to mailboxes of other...
CVE-2021-24477
The CVE-2021-24477 entry concerns the WordPress Migrate Users plugin (