22 matches found
CVE-2026-24561
Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FluentBoards: from n/a through = 1.91.1...
CVE-2025-24561
Cross-Site Request Forgery (CSRF) vulnerability in awcode ReviewsTap reviewstap allows Stored XSS. This issue affects ReviewsTap: from n/a through = 1.1.2...
CVE-2025-24561
| creationtimestamp | type | source |
|---|---|---|
| 2025-01-24 17:46:51+00:00 | seen | https://infosec.exchange/users/cve/statuses/113884581793928250... |
CVE-2025-24561
CVE-2025-24561 — ReviewsTap (WordPress plugin) is a CSRF to Stored XSS vulnerability affecting ReviewsTap versions
CVE-2024-24561
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2024-24561 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.6.0, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2024-24561 Source advisory: OSV:PYSEC-2024-149...
CVE-2024-24561
CVE-2024-24561 (Vyper): The vulnerability is in the built-in slice() bounds check for Vyper up to version 0.3.10, where the runtime check does not account for overflow of start + length when arguments are non-literal. This can enable out-of-bounds (OOB) access to storage, memory, or calldata and...
CVE-2024-24561 Vyper bounds check on built-in `slice()` function can be overflowed
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...
CVE-2024-24561
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-31 23:06:49+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-9x7f-gwxq-6f2c |
| 2024-02-01 18:21:51+00:00 | seen | https://t.me/ctinow/177721 |
| 2024-02-09 23:16:35+00:00 | seen | https://t.me/ctinow/182322... |
WordPress WP SMS Plugin < 5.4.13 is vulnerable to Cross Site Scripting (XSS)
Software: WP SMS
Type: Plugin
Vulnerable versions: < 5.4.13
Fixed in: 5.4.13
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2021-24561
Patch priority: Low
CVSS severity: Low (5.9)
PSID: 935be5382779
Credits: Muhammad Daffa
Required privileg...
CVE-2023-24561
Solid Edge SE2022 (all versions) and SE2023 (all versions) are affected by an uninitialized pointer access when parsing specially crafted PAR files, potentially enabling code execution in the current process. Affected versions are prior to V222.0MP12 (SE2022) and prior to V223.0Update2 (SE2023). ...
CVE-2023-24561
A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execut...
CVE-2021-24561
| creationtimestamp | type | source |
|---|---|---|
| 2021-08-23 16:23:12+00:00 | seen | https://t.me/cibsecurity/27693... |
CVE-2021-24561
The CVE-2021-24561 entry concerns the WP SMS WordPress plugin (versions prior to 5.4.13). The vulnerability is an Authenticated Stored Cross-Site Scripting issue caused by the plugin failing to sanitize the wp_group_name parameter when rendering the Groups page. Impact per sources is stored XSS w...
CVE-2021-24561 WP SMS < 5.4.13 - Authenticated Stored Cross-Site Scripting
The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue...
Vulnerability fixed in Trend Micro ServerProtect
Trend Micro has fixed a vulnerability in ServerProtect for Linux. The vulnerability allows a remote attacker to execute arbitrary code under certain circumstances. It is tracked as CVE-2020-24561, and Trend Micro rated it with a CVSS score of 9.1. Trend Micro has released updat...
CVE-2020-24561
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability...
CVE-2020-24561
Trend Micro ServerProtect for Linux 3.0 contains an OS command injection vulnerability (CWE-78) that can allow an attacker with admin/root privileges on the SPLX console to execute arbitrary code on the affected system. Red Hat CVE-2020-24561, NVD, JVN, and NCSC corroborate the vulnerability deta...