CVE-2024-33912

creationtimestamp| type| source ---|---|--- 2025-02-06 02:40:18+00:00| seen| Telegram/GQmgBzh1PcRuxJXz8WQrN99Q2pGcNsyeAE1ZOio9hiJuYh...

CVE-2024-33912

CVE-2024-33912 pertains to Academy LMS (WordPress) and is a Missing Authorization vulnerability affecting Academy LMS versions up to 1.9.16. Public documents identify it as an authorization bypass issue allowing access to paid courses. The vulnerability is listed as patched in subsequent advisori...

WordPress Academy LMS Plugin <= 1.9.16 is vulnerable to Broken Access Control

Software Academy LMS Type Plugin Vulnerable versions = 1.9.16 Fixed in 1.9.17 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33912 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 5a16f30edc5a Credits Steven Julian Required privileg...

Ubuntu: Security Advisory (USN-6584-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6584-1: Libspf2 vulnerabilities

Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

GLSA-202401-22 : libspf2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-22 libspf2: Multiple vulnerabilities - Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF...

CVE-2023-33912

CVE-2023-33912 concerns the Contacts service in UNISOC-induced chipsets where a missing permission check could allow local information disclosure with no additional execution privileges. The available connected documents consistently state that the vulnerability enables local access to informatio...

CVE-2023-33912

In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...

CVE-2022-33912

creationtimestamp| type| source ---|---|--- 2022-06-17 16:23:45+00:00| seen| https://t.me/cibsecurity/44734...

CVE-2022-33912

The CVE-2022-33912 entry describes a local privilege escalation in Checkmk when using the shipped Debian package. The vulnerability arises because maintainer scripts under /var/lib/dpkg/info/ are owned by a user/group with ID 1001, allowing an attacker (with shell access) to modify these files, w...

Debian DLA-2890-1 : libspf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...

CVE-2021-33912

creationtimestamp| type| source ---|---|--- 2022-01-19 20:26:05+00:00| seen| https://t.me/cibsecurity/35877 2024-02-22 09:47:50+00:00| seen| https://t.me/arpsyndicate/3949...

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

CVE-2021-33912

Libspf2 prior to 1.2.11 contains a four-byte heap-based buffer overflow triggered by crafting SPF DNS records, due to incorrect sprintf usage in SPF_record_expand_data (spf_expand.c). This can allow a remote attacker to execute arbitrary code via an unauthenticated email message. The vulnerabilit...