21 matches found
CVE-2026-24509
Dell Alienware Command Center AWCC, versions prior to 6.12.24.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service...
CVE-2021-24509
The Page View Count WordPress plugin before 2.4.9 does not escape the postid parameter of pvcstats shortcode, allowing users with a role as low as Contributor to perform Stored XSS attacks. A post made by a contributor would still have to be approved by an admin to have the XSS triggered in the...
CVE-2023-24509
creationtimestamp| type| source ---|---|--- 2023-04-14 00:25:30+00:00| seen| https://t.me/cibsecurity/62095...
CVE-2023-24509
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentia...
CVE-2023-24509
CVE-2023-24509 affects Arista EOS on modular platforms with dual redundant supervisors and redundancy protocol set to RPR or SSO. A privileged escalation occurs when an unprivileged user can log into the standby supervisor as root, using valid credentials; local access is assumed. The issue has b...
Security Advisory 0082
Security Advisory 0082 . CSAF PDF Date: February 14, 2023 Revision | Date | Changes ---|---|--- 1.0 | February 14th, 2023 | Initial release 1.1 | February 22nd, 2023 | Update the Hotfix SWIX The CVE-ID tracking this issue: CVE-2023-24509 CVSSv3.1 Base Score: 9.3...
Intel CSME, SPS, and LMS Advisory - Lenovo Support US
No description provided...
Security Updates for Microsoft Office Products C2R (March 2022)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Multiple code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-24461, CVE-2022-24509,...
2021.1 IPU – Intel® CSME, SPS and LMS Advisory
Summary: Potential security vulnerabilities in the Intel® Converged Security and Manageability Engine CSME, Server Platform Services SPS, and Intel® Local Manageability Service Intel® LMS may allow escalation of privilege or information disclosure. Intel is releasing firmware and software updates...
Security Updates for Microsoft Visio Products (March 2022) (deprecated)
This plugin has been deprecated to be brought in line with Tenable's C2R plugin policy. Pleas use smbntms22marvisioc2r.nasl instead. %NASLMINLEVEL 70300 C Tenable, Inc. @DEPRECATED@ Disabled on 2022/06/09. Deprecated by smbntms22marvisioc2r.nasl. include'deprecatednasllevel.inc';...
Security Updates for Microsoft Office Products (March 2022) (deprecated)
This plugin has been deprecated to be brought in line with Tenable's C2R plugin policy. Pleas use smbntms22marofficec2r.nasl instead. %NASLMINLEVEL 70300 C Tenable, Inc. @DEPRECATED@ Disabled on 2022/06/09. Deprecated by smbntms22marofficec2r.nasl. include'deprecatednasllevel.inc';...
CVE-2022-24509
creationtimestamp| type| source ---|---|--- 2022-03-09 20:12:06+00:00| seen| https://t.me/cibsecurity/38584...
CVE-2022-24509
Microsoft Office Visio Remote Code Execution Vulnerability...
CVE-2022-24509
Microsoft Office Visio Remote Code Execution Vulnerability...
CVE-2022-24509
Microsoft Office Visio Remote Code Execution Vulnerability...
CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability
...
CVE-2022-24509
CVE-2022-24509 affects Microsoft Office Visio and is described as a Remote Code Execution Vulnerability. The NVD entry lists a CVSSv3.1 base score of 7.8 (HIGH) with local attack vector, user interaction required, and high impact on confidentiality, integrity, and availability; CVSSv2 indicates b...
CVE-2021-24509
The CVE-2021-24509 vulnerability affects the WordPress Page View Count plugin before 2.4.9. The pvc_stats shortcode’s postid parameter is not escaped, allowing Stored XSS when mishandled inputs reach the frontend. Impact notes indicate that contributors can trigger XSS (with admin approval possib...
CVE-2020-24509
creationtimestamp| type| source ---|---|--- 2021-06-10 02:57:58+00:00| published-proof-of-concept| Telegram/EWrS8OK0MJtkZfkuHdQY274CpPEyUpLRepZDBB7JClshr3k...
CVE-2020-24509
Insufficient control flow management in subsystem in IntelR SPS versions before SPSE305.01.04.300.0, SPSSoC-A05.00.03.091.0, SPSE504.04.04.023.0, or SPSE504.04.03.263.0 may allow a privileged user to potentially enable escalation of privilege via local access...