CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...

CVE-2023-31246

Incorrect default permissions in some IntelR SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-31246

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory...

CVE-2025-31246

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory...

CVE-2025-31246

CVE-2025-31246 affects macOS AFP handling (afpfs) where connecting to a malicious AFP server may corrupt kernel memory. Apple fixes address with improved memory handling in macOS Sequoia 15.5 and macOS Sonoma 14.7.6. The NVD entry confirms the issue is resolved by these updates; other connected s...

CVE-2025-31246

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory...

CVE-2024-31246

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through = 3.2.3...

CVE-2024-31246

CVE-2024-31246 is a Missing Authorization vulnerability in PostX – Gutenberg Blocks for Post Grid (Post Grid Team by WPXPO). Affected: PostX – Gutenberg Blocks for Post Grid, versions up to and including 3.2.3 (n/a–3.2.3). Root cause: missing authorization allows unauthorized access/modification ...

WordPress PostX Plugin <= 3.2.3 is vulnerable to Broken Access Control

Software PostX Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31246 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 28b8452ef2a5 Credits movrment Required privilege Author...

CVE-2023-31246

creationtimestamp| type| source ---|---|--- 2023-08-11 07:29:37+00:00| seen| https://t.me/cibsecurity/68298...

CVE-2023-31246

Incorrect default permissions in some IntelR SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-31246

Incorrect default permissions in some IntelR SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-31246

CVE-2023-31246 : Intel SDP Tool software prior to version 1.4 build 5 contains incorrect default permissions that may allow an authenticated, locally privileged user to escalate privileges. Affected product: Intel® Server Debug and Provisioning (SDP) Tool (Windows) prior to 1.4 build 5. Root caus...

CVE-2023-31246

Incorrect default permissions in some IntelR SDP Tool software before version 1.4 build 5 may allow an authenticated user to potentially enable escalation of privilege via local access...

Intel® SDP Tool Software Advisory

Summary: A potential security vulnerability in some Intel® Server Debug and Provisioning SDP Tool software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-31246 Description: Incorrect default...

CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...

CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...

CVE-2022-31246

Electrum ≤ 4.2.1 is affected by a vulnerability in paymentrequest.py that allows a file:// URL in the r parameter of a payment request (e.g., in QR code data). The issue can cause credential leakage on Windows via SMB and, on Linux/UNIX, denial of service by referencing the /dev/zero filename. Re...