binarium (=2.1.3), gotoeasy-npm (>=0.0.7 <=0.0.11) +3 more potentially affected by CVE-2026-24884 +1 more via compressing (>=2.0.0 <=2.1.0)

compressing NPM version =2.0.0, =0.0.7, =0.0.20, =1.1.4, =1.2.1 Source cves: CVE-2026-24884, CVE-2026-40931 Source advisory: SNYK:JS-COMPRESSING-16108999...

@andy9879/log-file (>=1.0.1 <=1.0.3), @baosight/federation-types (>=0.0.1 <=0.0.3) +116 more potentially affected by CVE-2026-24884 +1 more via compressing (>=1.10.0 <=1.10.4)

compressing NPM version =1.10.0, =1.0.1, =0.0.1, =1.3.2, =0.1.2, =0.1.2, =1.0.18, =1.5.2, =1.5.2, =1.0.2, =0.0.1-2, =3.3.0, =1.0.3, =1.0.4, =1.0.5 and more Source cves: CVE-2026-24884, CVE-2026-40931 Source advisory: SNYK:JS-COMPRESSING-16108999...

binarium (=2.1.3), hunter-open-sdk (>=0.0.20 <=2.0.0-beta.18) potentially affected by CVE-2026-24884 via compressing (=2.0.0)

compressing NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on compressing and may be impacted: - binarium =2.1.3 - hunter-open-sdk =0.0.20, =2.0.0-beta.18 Source cves: CVE-2026-24884 Source advisory: SNYK:JS-COMPRESSING-15202444...

@baosight/federation-types (>=0.0.1 <=0.0.3), @bepp/api (>=1.3.2 <=1.3.17) +18 more potentially affected by CVE-2026-24884 via compressing (>=1.10.0 <=1.10.3)

compressing NPM version =1.10.0, =0.0.1, =1.3.2, =0.1.2, =0.1.2, =1.0.18, =1.5.2, =1.5.2, =3.3.0, =1.0.3, =1.0.4, =2.2.0-rc.0, =2.2.0-rc.0, =1.0.0, =0.0.1-beta.1, =1.0.0, =1.0.9-beta.3 and more Source cves: CVE-2026-24884 Source advisory: SNYK:JS-COMPRESSING-15202444...

CVE-2026-24884

creationtimestamp| type| source ---|---|--- 2026-02-03 08:16:40+00:00| published-proof-of-concept| https://github.com/node-modules/compressing/security/advisories/GHSA-cc8f-xg8v-72m3 2026-02-04 20:40:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me2qdesbdx2v 2026-04-21...

CVE-2025-24884

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

SUSE CVE-2025-24884

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

CVE-2025-24884

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

CVE-2025-24884 kube-audit-rest's example logging configuration could disclose secret values in the audit log

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

CVE-2025-24884 kube-audit-rest's example logging configuration could disclose secret values in the audit log

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

CVE-2025-24884 kube-audit-rest's example logging configuration could disclose secret values in the audit log

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

CVE-2025-24884

The CVE-2025-24884 entry concerns kube-audit-rest, a simple logger for Kubernetes API mutations. When the here-described full-elastic-stack example vector is used, previous values of Kubernetes secrets could be disclosed in audit messages due to the logger capturing sensitive data. Fixed in versi...

CVE-2024-24884

creationtimestamp| type| source ---|---|--- 2024-02-12 10:22:07+00:00| seen| https://t.me/ctinow/183007...

CVE-2024-24884

Summary: CVE-2024-24884 is a CSRF vulnerability in the ARI Soft Contact Form 7 Connector plugin for WordPress. The issue affects versions up to and including 1.2.2 and can be triggered without authentication, enabling an attacker to induce state-changing actions in a user’s session. The patchstac...

WordPress Contact Form 7 Connector Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 Connector Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24884 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ee996476bd59 Credits Dhabaleshw...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : ECDSA Util vulnerability (USN-6239-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6239-1 advisory. It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue ...

CVE-2023-24884

creationtimestamp| type| source ---|---|--- 2023-04-12 00:23:46+00:00| seen| https://t.me/cibsecurity/61928...

CVE-2023-24884

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability...

CVE-2023-24884

Technical details about CVE-2023-24884 (affected product, vulnerable component, root cause, impact, and fixes) are not publicly provided in the connected documents you supplied. Monitor for updates from official advisories and CVE repositories to obtain concrete remediation guidance.

CVE-2023-24884 Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

...