23 matches found
CVE-2026-24535
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...
CVE-2026-24535 WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...
Linux Distros Unpatched Vulnerability : CVE-2023-24535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of...
CVE-2021-24535
The Light Messages WordPress plugin through 1.0 is lacking CSRF check when updating it's settings, and is not sanitising its Message Content in them even with the unfilteredhtml disallowed. As a result, an attacker could make a logged in admin update the settings to arbitrary values, and set a...
CVE-2025-24535
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...
CVE-2025-24535 WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...
CVE-2025-24535 WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...
CVE-2025-24535
The CVE-2025-24535 entry concerns the WordPress SKT Donation plugin (≤ 1.9). The underlying issue is Improper Neutralization of Input During Web Page Generation, enabling Reflected XSS. Affected software is SKT Donation versions up to 1.9; no newer version fix is documented in the provided source...
CVE-2023-24535
A flaw was found in the golang implementation of the protobuf protocol. This issue occurs when parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input, which will cause a panic...
SUSE CVE-2023-24535
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...
CVE-2023-24535
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...
CVE-2023-24535 vulnerabilities
Vulnerabilities for packages: ko...
UBUNTU-CVE-2023-24535
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...
CVE-2023-24535
CVE-2023-24535 is a vulnerability in the Go protobuf handling in google.golang.org/protobuf where parsing a text-format message containing a minus sign, whitespace, and no further input can cause a panic. The issue is described across multiple sources (OSV and NVD entries) with the same descripti...
CVE-2023-24535 Panic when parsing invalid messages in google.golang.org/protobuf
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...
CVE-2023-24535 Panic when parsing invalid messages in google.golang.org/protobuf
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...
Security Bulletin: Operations Dashboard is vulnerable to denial of service due to vulnerability in protobuf (CVE-2023-24535)
Summary Operations Dashboard is vulnerable to denial of service due to vulnerability in protobuf CVE-2023-24535 with details below. Vulnerability Details CVEID:CVE-2023-24535 DESCRIPTION: Golang protobuf package is vulnerable to a denial of service, caused by improper input validation. By sending...
CVE-2020-24535
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
CVE-2020-24535
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
CVE-2021-24535
creationtimestamp| type| source ---|---|--- 2021-08-16 14:14:52+00:00| seen| https://t.me/cibsecurity/27368...