CVE-2024-24940

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives...

CVE-2021-24940

The Persian Woocommerce WordPress plugin through 5.8.0 does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which could lead to a Reflected Cross-Site Scripting issue...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

CVE-2024-24940

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives...

CVE-2024-24940

JetBrains IntelliJ IDEA prior to 2023.3.3 is affected by CVE-2024-24940, where path traversal is possible when unpacking archives. The issue arises in the Archive Extraction Handler component of the IDE. Red Hat and other sources confirm the vulnerability affects versions before 2023.3.3. Reporte...

CVE-2022-24940

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

CVE-2023-24940

Technical details for CVE-2023-24940 are not publicly available in the provided documents. The connected items reference the CVE but do not specify affected products, versions, root cause, or fixes. Monitor for updates.

CVE-2023-24940 Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability

...

CVE-2021-24940

creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24940.yaml...

CVE-2021-24940

The Persian Woocommerce WordPress plugin through 5.8.0 does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which could lead to a Reflected Cross-Site Scripting issue...

CVE-2021-24940

The CVE-2021-24940 issue affects the WordPress Persian Woocommerce plugin until version 5.8.0, where the s parameter is not escaped before being output in an admin-dashboard attribute, enabling reflected Cross-Site Scripting. Exploitation could load arbitrary scripts in users’ browsers and potent...

CVE-2021-24940 Persian Woocommerce <= 5.8.0 - Reflected Cross-Site Scripting

The Persian Woocommerce WordPress plugin through 5.8.0 does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which could lead to a Reflected Cross-Site Scripting issue...

CVE-2020-24940

Laravel CVE-2020-24940 affects Laravel before 6.18.34 and 7.x before 7.23.2. The issue arises when unvalidated values are saved to the database in situations where table names are stripped during mass assignment, enabling unintended database writes. Connected records corroborate the affected vers...

Microsoft Internet Explorer Security Bypass Vulnerability (CNVD-2018-24940)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Internet Explorer IE is a Web browser that comes with the Windows operating system. A security feature bypass vulnerability exists in Microsoft IE version 11. A remote attacker with a...

Security Advisory: Login bypass in LedgerSMB 1.2.0 through 1.2.6

A security issue has been found which allows an unauthenticated user to bypass the authentication system in LedgerSMB 1.2.0 through 1.2.6. Severity: Highly Critical Versions affected: 1.2.0 through 1.2.6 Status: Vendor solution available upgrade to 1.2.7 Effect: Authentication bypass. Required...

CVE-2022-24940

CVE-2022-24940 is rejected/not used; this entry does not represent an active vulnerability.