CVE-2026-24560 WordPress Cloudinary plugin <= 3.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cloudinary Cloudinary cloudinary-image-management-and-manipulation-in-the-cloud-cdn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cloudinary: from n/a through = 3.3.2...

CVE-2020-24560

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 v15 consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one...

CVE-2024-24560

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 overlapping with the input buffer. When checking RETURNDATASIZE for dynamic...

CVE-2023-24560

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to ...

CVE-2025-24560

creationtimestamp| type| source ---|---|--- 2025-01-31 09:16:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzo2kvxa72h 2025-01-31 10:15:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3632 2025-01-31 11:11:39+00:00| seen| https://t.me/cvedetector/16913...

CVE-2025-24560

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through = 2.7.1...

CVE-2025-24560 WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through = 2.7.1...

CVE-2025-24560 WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through = 2.7.1...

CVE-2025-24560

CVE-2025-24560 affects the WordPress plugin Awesome Event Booking up to version 2.7.1 (and possibly n/a). The flaw is a Reflected Cross-Site Scripting (XSS) caused by improper input neutralization during page generation. Published references indicate the vulnerable surface is the WordPress plugin (

2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24560 via vyper (>=0.1.0b12 <=0.3.9)

vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24560 Source advisory: OSV:GHSA-GP3W-2V2M-P686...

CVE-2024-24560 Vyper external calls can overflow return data to return input buffer

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 overlapping with the input buffer. When checking RETURNDATASIZE for dynamic...

CVE-2024-24560 Vyper external calls can overflow return data to return input buffer

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 overlapping with the input buffer. When checking RETURNDATASIZE for dynamic...

CVE-2024-24560

CVE-2024-24560 concerns Vyper’s handling of external calls, where the return buffer can overflow into the input buffer due to memory layout and the RETURNDATASIZE length check for dynamic types. The result can cause a contract to read malformed data from the input buffer instead of the intended r...

CVE-2024-24560

creationtimestamp| type| source ---|---|--- 2024-02-02 15:46:08+00:00| published-proof-of-concept| https://github.com/vyperlang/vyper/security/advisories/GHSA-gp3w-2v2m-p686 2024-02-02 18:22:18+00:00| seen| https://t.me/ctinow/178209 2024-02-12 19:16:34+00:00| seen| https://t.me/ctinow/183345...

CVE-2023-24560

creationtimestamp| type| source ---|---|--- 2023-02-14 14:35:38+00:00| seen| https://t.me/cibsecurity/58070...

CVE-2023-24560

CVE-2023-24560 affects Siemens Solid Edge SE2022 (&lt; V222.0MP12) and SE2023 (

CVE-2021-24560

CVE-2021-24560 affects the WordPress plugin Software License Manager up to version 4.4.8. The issue is a Reflected Cross-Site Scripting vulnerability caused by insufficient sanitization/escaping of the edit_record parameter when outputting content in the admin dashboard. Affected component: the p...

CVE-2020-24560

The connected Red Hat, NVD, JVN and related records identify CVE-2020-24560 as an incomplete SSL server certificate validation vulnerability in Trend Micro Security 2019 (v15) consumer products. The issue arises in the update channel: an attacker could leverage improper server certificate verific...

JVN#60093979: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products

Active Update function implemented in Premium Security 2019 for Windows v15, Maximum Security 2019 for Windows v15, Internet Security 2019 for Windows v15 and Antivirus+ 2019 for Windows v15 provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Update files are not...