28 matches found
SUSE CVE-2026-24516
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-24516
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-24516
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-24516
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-24516
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...
CVE-2026-24516
creationtimestamp| type| source ---|---|--- 2026-03-22 21:00:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/76685 2026-04-03 09:00:05+00:00| published-proof-of-concept| Telegram/iJe41NTkZQJK4wFVG9OP9y2V0JVLEcjlDCmGEFn1YNc-zvI...
PT-2026-4632
Name of the Vulnerable Software and Affected Versions DigitalOcean Droplet Agent versions through 1.3.2 Description A command injection issue exists due to inadequate input validation when processing metadata from the metadata service endpoint. Specifically, the troubleshooting actioner component...
CVE-2020-24516
Modification of assumed-immutable data in subsystem in IntelR CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
CVE-2023-24516
creationtimestamp| type| source ---|---|--- 2025-09-07 16:43:20+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyb543bnq6b2...
CVE-2021-24516
The PlanSo Forms WordPress plugin through 2.6.3 does not escape the title of its Form before outputting it in attributes, allowing high privilege users such as admin to set XSS payload in it, even when the unfilteredhtml is disallowed, leading to an Authenticated Stored Cross-Site Scripting issue...
CVE-2023-24516
Cross-site Scripting XSS vulnerability in the Pandora FMS Special Days component allows an attacker to use it to steal the session cookie value of admin users easily with little user interaction. This issue affects Pandora FMS v767 version and prior versions on all platforms...
CVE-2023-24516
CVE-2023-24516 is a Cross-site Scripting (XSS) vulnerability in the Pandora FMS Special Days component. The issue can allow an attacker to steal the admin session cookie, with little user interaction, and affects Pandora FMS v767 and earlier on all platforms. The nature of the flaw is stored XSS ...
CVE-2023-24516 Stored Cross Site Scripting - Special Days Module
Cross-site Scripting XSS vulnerability in the Pandora FMS Special Days component allows an attacker to use it to steal the session cookie value of admin users easily with little user interaction. This issue affects Pandora FMS v767 version and prior versions on all platforms...
Security Updates for Exchange (October 2022)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21979,CVE-2022-30134,...
CVE-2022-24516
creationtimestamp| type| source ---|---|--- 2022-08-29 20:46:30+00:00| published-proof-of-concept| https://t.me/avleonovrus/79...
Security Updates for Exchange (August 2022)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2022-21979,CVE-2022-30134,...
CVE-2022-24516
Microsoft Exchange Server Elevation of Privilege Vulnerability...
CVE-2022-24516
Microsoft Exchange Server Elevation of Privilege Vulnerability...
CVE-2022-24516 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2022-24516
CVE-2022-24516 is an Elevation of Privilege in Microsoft Exchange Server. Public docs and patch guidance show affected products across Exchange Server versions (e.g., Exchange Server 2013 CU23, 2016 CU23, 2019 CU12/11) with vulnerability details classified as EoP. The root cause involves privileg...