TencentOS Server 4: hdf5 (TSSA-2024:0175)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0175 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2022-32624

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923...

CVE-2021-32624

Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose the values of private fields, bypassing the configured access control. This is an access control...

CVE-2025-32624

Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through = 1.0.5...

CVE-2025-32624

Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through = 1.0.5...

CVE-2025-32624

CVE-2025-32624 (CZATER.pl – live chat i telefon) is a missing authorization vulnerability that enables Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Czater.pl – live chat i telefon. The Wordfence vulnerability entry explicitly associates CVE-2025-32624 with Cza...

CVE-2025-32624 WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through = 1.0.5...

CVE-2025-32624 WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Missing Authorization vulnerability in czater Czater.pl – live chat i telefon allows Cross Site Request Forgery. This issue affects Czater.pl – live chat i telefon: from n/a through 1.0.5...

WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Czater.pl – live chat i telefon versions = 1.0.5...

Linux Distros Unpatched Vulnerability : CVE-2024-32624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corrupti...

CVE-2024-32624

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corruption of the instruction pointer...

CVE-2024-32624

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corruption of the instruction pointer...

CVE-2024-32624

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Trefmemsetnull in H5Tref.c called from H5Tconvref in H5Tconv.c, resulting in the corruption of the instruction pointer...

CVE-2024-32624

The CVE-2024-32624 entry refers to a heap-based buffer overflow in HDF5 Library up to version 1.14.3, specifically in H5T__ref_mem_setnull (H5Tref.c) invoked by H5T__conv_ref (H5Tconv.c), which can corrupt the instruction pointer. The connected materials confirm this vulnerability is associated w...

CVE-2023-32624

creationtimestamp| type| source ---|---|--- 2023-07-21 07:33:32+00:00| seen| https://t.me/cibsecurity/67080...

CVE-2023-32624

CVE-2023-32624 is a Cross-site scripting vulnerability in the WordPress plugin TS Webfonts for SAKURA. Affected are TS Webfonts for SAKURA versions 3.1.0 and earlier; the issue allows a remote unauthenticated attacker to inject arbitrary script into a user’s browser. JVN documentation lists a fix...

JVN#90560760: Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"

WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2023-32624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

CVE-2022-32624

creationtimestamp| type| source ---|---|--- 2022-12-05 18:40:01+00:00| seen| https://t.me/cibsecurity/53980 2025-04-24 15:06:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13243...

CVE-2022-32624

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923...

CVE-2022-32624

CVE-2022-32624 describes an out-of-bounds write caused by an incorrect buffer-size calculation in the throttling mechanism. This can lead to local escalation of privileges with SYSTEM-level execution privileges. Exploitation is described as local and does not require user interaction. The issue i...