Lucene search
K

23 matches found

NVD
NVD
added 2026/01/23 3:16 p.m.7 views

CVE-2026-24535

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...

4.3CVSS0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24535 WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through = 1.2.7...

4.3CVSS5.9AI score0.00201EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-24535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of...

7.5CVSS7.1AI score0.01089EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.5 views

CVE-2021-24535

The Light Messages WordPress plugin through 1.0 is lacking CSRF check when updating it's settings, and is not sanitising its Message Content in them even with the unfilteredhtml disallowed. As a result, an attacker could make a logged in admin update the settings to arbitrary values, and set a...

6.1CVSS5.7AI score0.00412EPSS
Exploits2References1
NVD
NVD
added 2025/01/31 9:15 a.m.6 views

CVE-2025-24535

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...

7.1CVSS0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/31 8:24 a.m.18 views

CVE-2025-24535 WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...

7.1CVSS0.00241EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/31 8:24 a.m.3 views

CVE-2025-24535 WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sonalsinha21 SKT Donation skt-donation allows Reflected XSS.This issue affects SKT Donation: from n/a through = 1.9...

7.1CVSS5.9AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2025/01/31 8:24 a.m.52 views

CVE-2025-24535

The CVE-2025-24535 entry concerns the WordPress SKT Donation plugin (≤ 1.9). The underlying issue is Improper Neutralization of Input During Web Page Generation, enabling Reflected XSS. Affected software is SKT Donation versions up to 1.9; no newer version fix is documented in the provided source...

7.1CVSS5.9AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2023/06/14 9:15 a.m.23 views

CVE-2023-24535

A flaw was found in the golang implementation of the protobuf protocol. This issue occurs when parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input, which will cause a panic...

7.5CVSS7.3AI score0.01089EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/06/13 3:5 a.m.6 views

SUSE CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

7.5CVSS7.6AI score0.01089EPSS
Exploits0References3
NVD
NVD
added 2023/06/08 9:15 p.m.17 views

CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

7.5CVSS7.6AI score0.01089EPSS
Exploits0References3
Wolfi
Wolfi
added 2023/06/08 9:15 p.m.20 views

CVE-2023-24535 vulnerabilities

Vulnerabilities for packages: ko...

7.5CVSS7.7AI score0.01089EPSS
Exploits0
OSV
OSV
added 2023/06/08 9:15 p.m.3 views

UBUNTU-CVE-2023-24535

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

7.5CVSS7.1AI score0.01089EPSS
Exploits0References5
CVE
CVE
added 2023/06/08 8:26 p.m.1541 views

CVE-2023-24535

CVE-2023-24535 is a vulnerability in the Go protobuf handling in google.golang.org/protobuf where parsing a text-format message containing a minus sign, whitespace, and no further input can cause a panic. The issue is described across multiple sources (OSV and NVD entries) with the same descripti...

7.5CVSS7.4AI score0.01089EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/06/08 8:26 p.m.40 views

CVE-2023-24535 Panic when parsing invalid messages in google.golang.org/protobuf

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

7.7AI score0.01089EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/06/08 8:26 p.m.15 views

CVE-2023-24535 Panic when parsing invalid messages in google.golang.org/protobuf

Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic...

7.5AI score0.01089EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/18 12:47 p.m.26 views

Security Bulletin: Operations Dashboard is vulnerable to denial of service due to vulnerability in protobuf (CVE-2023-24535)

Summary Operations Dashboard is vulnerable to denial of service due to vulnerability in protobuf CVE-2023-24535 with details below. Vulnerability Details CVEID:CVE-2023-24535 DESCRIPTION: Golang protobuf package is vulnerable to a denial of service, caused by improper input validation. By sending...

7.5CVSS7.3AI score0.01089EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/03/22 2:15 p.m.1 views

CVE-2020-24535

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

5.3AI score
Exploits0References1
NVD
NVD
added 2023/03/22 2:15 p.m.8 views

CVE-2020-24535

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

6.5AI score
Exploits0
Circl
Circl
added 2021/08/16 2:14 p.m.7 views

CVE-2021-24535

creationtimestamp| type| source ---|---|--- 2021-08-16 14:14:52+00:00| seen| https://t.me/cibsecurity/27368...

6.1CVSS6.1AI score0.00412EPSS
Exploits2References1
Rows per page
Query Builder