22 matches found
CVE-2024-9253
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-9253 Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-9253
Foxit CVE-2024-9253 affects Foxit PDF Reader/Editor via the AcroForm handling path. The issue is an out-of-bounds read caused by insufficient validation of user-supplied data, leading to information disclosure and, when combined with other vulnerabilities, potential arbitrary code execution in th...
CVE-2023-24492
creationtimestamp | type | source
---|---|---
2023-07-12 02:29:58+00:00 | seen | https://t.me/cibsecurity/66458
2023-07-12 16:23:23+00:00 | seen | https://t.me/truesecator/4607...
CVE-2023-24492
The CVE-2023-24492 issue affects the Citrix Secure Access client for Ubuntu. A remote attacker can achieve code execution if a vulnerable user opens an attacker-crafted link and accepts subsequent prompts. Affected versions are prior to 23.5.2; mitigation is to update to 23.5.2 or later as indica...
Citrix Secure Access client for Ubuntu Security Bulletin for CVE-2023-24492
Vulnerabilities have been discovered in Citrix Secure Access client for Ubuntu (previously Citrix Gateway VPN client for Ubuntu). The following supported versions are affected by the vulnerability: versions before 23.5.2. The issue has the following identifier: CVE ID | Affected Products | Description...
CVE-2022-24492
CVE-2022-24492 is a Remote Code Execution vulnerability in Windows RPC Runtime. The connected Akamai blog notes that Windows RPC-related RCE vulnerabilities were patched in Microsoft’s April 2022 Patch Tuesday, including CVE-2022-24492, with patches issued as part of the Windows security updates....
Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime
Microsoft’s April 2022 Patch Tuesday introduced patches for more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in the Windows RPC (Remote Procedure Call) runtime: CVE-2022-24492 and CVE-2022-24528 discovered by Yuki Chen with Cyber KunLun...
KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)
The remote Windows host is missing security update 5012653. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-26798, CVE-2022-26801, CVE-2022-26786, CVE-2022-24549, CVE-2022-26794,...
KB5012632: Windows Server 2008 Security Update (April 2022)
The remote Windows host is missing security update 5012632 or cumulative update 5012658. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
KB5012670: Windows 8.1 and Windows Server 2012 R2 Security Update (April 2022)
The remote Windows host is missing security update 5012639 or cumulative update 5012670. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-24474, CVE-2022-24481, CVE-2022-24494,...
KB5012666: Windows Server 2012 Security Update (April 2022)
The remote Windows host is missing security update 5012666 or cumulative update 5012650. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
CVE-2021-24492
CVE-2021-24492 affects WordPress plugin Handsome Testimonials & Reviews (
CVE-2021-24492 Handsome Testimonials & Reviews < 2.1.1 - Authenticated (Subscriber+) SQL Injection
The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL...
CVE-2020-24492
Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access...
CVE-2020-24492
CVE-2020-24492 concerns the Intel(R) 722 Ethernet Controllers firmware, where insufficient access control before version 1.5 may allow a privileged user to cause a local denial of service. The Red Hat and Intel advisories confirm the vulnerability in the 722 family (and related advisories cover b...
Intel Ethernet Controllers Advisory - Lenovo Support US
No description provided...
Wireshark ZigBee ZCL Parser Denial of Service Vulnerability (CNVD-2018-24492)
Wireshark (formerly Ethereal) is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. The ZigBee ZCL dissector is one of the cluster library parsers. A security vulnerability exis...
OpenEMR - Arbitrary '.PHP' File Upload (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "OpenEMR PHP File...
OpenEMR PHP File Upload Vulnerability
This module exploits a vulnerability found in OpenEMR 4.1.1. By abusing the ofc_upload_image.php file from the openflashchart library, a malicious user can upload a file to the tmp-upload-images directory without any authentication, which results in arbitrary code execution. The module has been test...