17 matches found
CVE-2026-24520
creationtimestamp| type| source ---|---|--- 2026-05-26 22:41:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mms2sermvv2k...
CVE-2025-24520
Insertion of sensitive information into log file for some IntelR Local Manageability Service software before version 2514.7.16.0 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-24520
CVE-2025-24520 affects Intel® Local Manageability Service prior to 2514.7.16.0. Inserting sensitive information into a log file may allow an authenticated local attacker to disclose data. Remediation: update LMS to 2514.7.16.0 or later. No exploitation details are provided in the documents; CVSS ...
Intel® Local Manageability Service Advisory
Summary: A potential security vulnerability in the Intel® Local Manageability Service Intel® LMS may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24520 Description: Insertion of sensitive...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2023-24520
Milesight UR32L (v32.3.0.5) contains multiple OS command injection vulnerabilities described by Talos (CVE-2023-24519, CVE-2023-24520) in the vtysh_ubus toolsh_excute.constprop.1 path (e.g., traceroute/ping) and related HTTP/server-side components. Exploitation can occur via specially crafted net...
Security Updates for Microsoft Azure Site Recovery (March 2022)
The Microsoft Azure Site Recovery installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
CVE-2022-24520
creationtimestamp| type| source ---|---|--- 2022-03-09 20:17:58+00:00| seen| https://t.me/cibsecurity/38596...
CVE-2022-24520
CVE-2022-24520 is an Azure Site Recovery remote code execution vulnerability affecting the VMware-to-Azure recovery scenario. Public sources corroborate an RCE impact with network access and no user interaction, and Microsoft’s advisories/updates indicate fixes have been released (MS22-5011122) a...
CVE-2021-24520
The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability...
CVE-2021-24520
CVE-2021-24520 affects the WordPress plugin Stock in & out (
CVE-2021-24520 Stock in & out <= 1.0.4 - Authenticated SQL Injection
The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability...
CVE-2020-24520
...
CVE-2020-24520
CVE-2020-24520 entry is rejected and not used; it does not represent an active vulnerability.