29 matches found
CVE-2021-24503
The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as low as Contributor to set Cross-Site payload in them. A post made by a contributor would still hav...
Linux Distros Unpatched Vulnerability : CVE-2020-24503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable...
CVE-2025-24503
creationtimestamp | type | source
---|---|---
2025-01-30 22:38:27+00:00 | seen | https://t.me/cvedetector/16828
2025-02-06 02:43:28+00:00 | seen | Telegram/ulz5lafTUlslDW4yVch3hy2al9cShAA2wXHAY0hPApSFdKL
2025-02-06 04:56:04+00:00 | seen | ...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...
CVE-2025-24503
Symantec Privileged Access Management (PAM) is affected by CVE-2025-24503. The PT-2025-5375 entry provides concrete details: versions prior to 4.2.1 are vulnerable to a cross-site request forgery-style issue where a malicious actor can fix (hijack) a PAM session by tricking a user into clicking...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...
CVE-2025-24503
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server...
CVE-2024-11793
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in th...
CVE-2024-11793
Concrete details found: Fuji Electric Monitouch V-SFT vulnerable via V9C file parsing. Root cause is lack of validation of user-supplied data, causing a write past the end of a stack buffer and arbitrary code execution in the current process. Exploitation requires user interaction (visiting a mal...
CVE-2024-11793 Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in th...
CVE-2024-11793 Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in th...
CVE-2023-24503 Electra Smart Kit for Split AC – Adjacent attacker may cause the unit to load unauthorized FW
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW...
CVE-2023-24503
The CVE-2023-24503 entry concerns the Electra Central AC unit (Electra Smart Kit for Split AC). The connected records describe an adjacent-attacker capability to cause the unit to load unauthorized firmware, indicating the vulnerable component/process is tied to firmware loading mechanisms. Spec...
K24920320: Intel Ethernet Adapter Driver vulnerabilities CVE-2020-24502, CVE-2020-24503 and CVE-2020-24504
Security Advisory Description CVE-2020-24502 Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows, may allow an authenticated user to potentially enable a denial of service via local access. CVE-2020-24503...
CVE-2022-24503
creationtimestamp | type | source
---|---|---
2022-03-09 20:12:25+00:00 | seen | https://t.me/cibsecurity/38594...
CVE-2022-24503
Remote Desktop Protocol Client Information Disclosure Vulnerability...
CVE-2022-24503
CVE-2022-24503 is a Remote Desktop Protocol Client Information Disclosure vulnerability. Connected sources indicate it affects Windows Remote Desktop Client and can be triggered over the network with no authentication and no user interaction, exposing partial confidentiality (C:L). The issue is t...
KB5011491: Windows 10 LTS 1507 Security Update (March 2022)
The remote Windows host is missing security update 5011491. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23283, CVE-2022-24459, CVE-2022-23284, CVE-2022-23296, CVE-2022-23287,...
KB5011497: Windows Server 2022 Security Update (March 2022)
The remote Windows host is missing security update 5011497. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-21990, CVE-2022-23294,...
KB5011495: Windows 10 Version 1607 and Windows Server 2016 Security Update (March 2022)
The remote Windows host is missing security update 5011495. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-23283, CVE-2022-23284, CVE-2022-23287, CVE-2022-23290, CVE-2022-23293,...