CVE-2026-34624

creationtimestamp| type| source ---|---|--- 2026-04-14 20:26:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mji7og3dqh2z 2026-04-15 02:35:47+00:00| seen| https://bsky.app/profile/adobedigest.bsky.social/post/3mjiudfflxk2j...

MAL-2025-34624 Malicious code in teamred (npm)

The package teamred was found to contain malicious code...

CVE-2023-34624

An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

CVE-2022-34624

Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to perform a man-in-the-middle attack via a crafted GET request...

CVE-2024-34624

creationtimestamp| type| source ---|---|--- 2024-08-07 05:15:56+00:00| seen| https://t.me/cvedetector/2662...

CVE-2024-34624

Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : HtmlCleaner vulnerability (USN-6683-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6683-1 advisory. It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial...

CVE-2023-34624

creationtimestamp| type| source ---|---|--- 2024-02-10 10:11:51+00:00| seen| https://t.me/ctinow/182508...

Debian DSA-5471-1 : libhtmlcleaner-java - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5471 advisory. A security vulnerability has been discovered in libhtmlcleaner-java, a Java HTML parser library. An attacker was able to cause a denial of service StackOverflowError ...

[SECURITY] [DSA 5471-1] libhtmlcleaner-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5471-1 [email protected] https://www.debian.org/security/ Markus Koschany August 07, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DLA 3520-1] libhtmlcleaner-java security update

Debian LTS Advisory DLA-3520-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 07, 2023 https://wiki.debian.org/LTS Package : libhtmlcleaner-java Version : 2.21-5+deb10u1 CVE ID : CVE-2023-34624 A security vulnerability has been discovered in...

CVE-2023-34624

An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

CVE-2023-34624

CVE-2023-34624 affects libhtmlcleaner-java and is documented across multiple advisories (Debian, Ubuntu, NCSC) as a denial of service vulnerability in the HtmlCleaner library triggered by deeply nested HTML/input; the root cause involves handling crafted input with nesting/cyclic dependencies. Ef...

CVE-2022-34624

creationtimestamp| type| source ---|---|--- 2022-08-19 18:17:23+00:00| seen| https://t.me/cibsecurity/48438...

CVE-2022-34624

CVE-2022-34624 affects Mealie 1.0.0beta3, where download tokens are not terminated after logout, enabling a man-in-the-middle via a crafted GET request. The NVD entry lists a CVSS 3.1 base score of 5.9 (MEDIUM) with NETWORK attack vector and HIGH confidentiality impact, and NO exploitation detail...

WordPress ProfilePress Plugin 3.0.0 < 3.1.4 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

CVE-2021-34624 ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component

A vulnerability in the file uploader component found in the /src/Classes/FileUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates. This issue affects versions 3.0.0 - 3.1.3...

CVE-2021-34624

The CVE concerns the WordPress ProfilePress plugin (versions 3.0.0–3.1.3). A vulnerability in the FileUploader.php component allows unauthenticated users to upload arbitrary files during registration or profile updates, enabling potential remote code execution and full site compromise. The issue ...

CVE-2021-34624

creationtimestamp| type| source ---|---|--- 2021-07-05 12:18:01+00:00| seen| https://t.me/CyberSecurityTechnologies/3770 2021-07-07 16:37:45+00:00| seen| https://t.me/cibsecurity/25961 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-05-10...

ProfilePress Plugin for WordPress 3.x < 3.1.4 Multiple Vulnerabilities

The WordPress ProfilePress Plugin installed on the remote host is affected by multiple vulnerabilities : - An unauthenticated privilege escalation exists when supplying wpcapabilties as an array parameter while registering. CVE-2021-34621 - An authenticated privilege escalation exists within the...