57 matches found
CVE-2026-24586
Missing Authorization vulnerability in Themeansar Newses allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Newses: from n/a through 2.0.0.77...
CVE-2025-24586
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce shipment-tracker-for-woocommerce allows Reflected XSS. This issue affects Shipment Tracker for Woocommerce: from n/a through <= 1.4.23...
CVE-2025-24586 WordPress Shipment Tracker for Woocommerce plugin <= 1.4.23 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce shipment-tracker-for-woocommerce allows Reflected XSS. This issue affects Shipment Tracker for Woocommerce: from n/a through <= 1.4.23...
CVE-2025-24586
The CVE-2025-24586 entry concerns bitsstech Shipment Tracker for Woocommerce (WordPress plugin). Affected component: the Shipment Tracker for Woocommerce plugin, version range n/a through 1.4.23. Root cause: Improper Neutralization of Input During Web Page Generation, i.e., a Reflected XSS vulner...
Linux Distros Unpatched Vulnerability : CVE-2020-24586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleare...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9453)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9453 advisory. - KVM: do not allow mapping valid but non-reference-counted pages (Nicholas Piggin) [Orabug: 33054089] {CVE-2021-22543} {CVE-2021-22543} - Input: joydev -...
CVE-2023-24586
Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product...
Debian: Security Advisory (DLA-3380-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)
Debian LTS Advisory DLA-3380-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost April 01, 2023 https://wiki.debian.org/LTS Package : firmware-nonfree Version : 20190114+really20220913-0+deb10u1 CVE ID : CVE-2020-12362 CVE-2020-12363 CVE-2020-12364 CVE-2020-24586...
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2022-1735)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1681)
The remote host is missing an update for the Huawei EulerOS...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-002 (ALASKERNEL-5.10-2022-002)
The version of kernel installed on the remote host is prior to 5.10.47-39.130. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-002 advisory. A flaw was found in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-004 (ALASKERNEL-5.4-2022-004)
The version of kernel installed on the remote host is prior to 5.4.129-62.227. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-004 advisory. A flaw was found in the Linux kernel's implementation of wifi fragmentation handling. An attacker with the...
Mitsubishi Electric GT25-WLAN
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Wireless LAN communication unit GT25-WLAN in GOT2000 Series GT25 or GT27 Vulnerabilities: Improper Removal of Sensitive Information Before Storage or Transfer, Inadequate Encryption Strength,...
CVE-2022-24586
CVE-2022-24586: A stored XSS in PluXml v5.8.7 affecting /core/admin/categories.php, where crafted payloads in content and thumbnail parameters enable execution of arbitrary scripts/HTML. Exploit details and impact are described across multiple sources referencing the same vector; the exact remedi...
Ubuntu: Security Advisory (USN-4997-2)
The remote host is missing an update for the...