CVE-2020-24556

A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and...

CVE-2025-24556

Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through = 3.2.4...

CVE-2025-24556

creationtimestamp| type| source ---|---|--- 2025-02-03 15:18:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbtn63tgo2i 2025-02-03 17:10:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113941062690120863...

CVE-2025-24556 WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through = 3.2.4...

CVE-2025-24556 WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle moowoodle allows Retrieve Embedded Sensitive Data.This issue affects MooWoodle: from n/a through = 3.2.4...

@enalmada/next-gql (>=0.0.4 <=0.1.3) potentially affected by CVE-2024-24556 via @urql/next (>=1.0.0 <=1.1.0)

@urql/next NPM version =1.0.0, =0.0.4, =0.1.3 Source cves: CVE-2024-24556 Source advisory: OSV:GHSA-QHJF-HM5J-335W...

CVE-2024-24556

creationtimestamp| type| source ---|---|--- 2024-01-30 19:26:18+00:00| seen| https://t.me/ctinow/176194 2024-02-22 09:07:39+00:00| seen| https://t.me/ctinow/190548...

CVE-2024-24556 XSS in @urql/next

urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...

CVE-2023-24556

Solid Edge CVE-2023-24556 affects Siemens Solid Edge SE2022 (all versions) and SE2023 (all versions) with an out-of-bounds read past the end of an allocated structure while parsing specially crafted PAR files. The vulnerability could allow code execution in the context of the current process. Pub...

CVE-2023-24556

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to...

CVE-2021-24556

creationtimestamp| type| source ---|---|--- 2021-08-23 16:23:10+00:00| seen| https://t.me/cibsecurity/27692...

CVE-2021-24556

The CVE-2021-24556 entry affects WordPress Email Subscriber plugin versions up to 1.1, where the kento_email_subscriber_ajax action fails to sanitize/validate/escape POST parameters subscribe_email and subscribe_name. This causes stored XSS by injecting unsanitized data into the DB and echoing it...

CVE-2021-24556 Email Subscriber <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)

The kentoemailsubscriberajax AJAX action of the Email Subscriber WordPress plugin through 1.1, does not properly sanitise, validate and escape the submitted subscribeemail and subscribename POST parameters, inserting them in the DB and then outputting them back in the Subscriber list...

CVE-2020-24562

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code ...

Hardcoded credentials

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code ...

CVE-2020-24556

Summary (CVE-2020-24556 family) : Affected Trend Micro products running on Windows (Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1/Services). The core issue is a privilege-escalation/vector via creating a hard link to arbitrary files, enabling code execution after an attacker ga...

CVE-2013-7280

creationtimestamp| type| source ---|---|--- 2013-03-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24556 2013-11-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/29445...