28 matches found
CVE-2021-24583
The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when deleting a timeslot, allowing any user with the edit_posts capability (contributor+) to delete arbitrary timeslots from any event. Furthermore, no CSRF check is in place, allowing such...
CVE-2025-24583 WordPress 12 Step Meeting List plugin <= 3.16.5 - Settings Change vulnerability
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List (12-step-meeting-list) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a through <= 3.16.5...
CVE-2025-24583
CVE-2025-24583 affects the WordPress plugin “12 Step Meeting List” up to version 3.16.5. The vulnerability is described as a Missing Authorization issue that allows exploitation due to incorrectly configured access control security levels. Documented impact: baseline CVSSv3.1 score around 6.5 (Me...
CVE-2024-24583
creationtimestamp | type | source
---|---|---
2025-02-11 23:11:40+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/3940...
CVE-2024-24583
Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the readMSH function while processin...
CVE-2024-24583
Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the readMSH function while processin...
CVE-2024-24583
Removed by vendor...
CVE-2024-24583
CVE-2024-24583 affects libigl v2.5.0. The vulnerability is an out-of-bounds read in readMSH when processing MshLoader::ELEMENT_TRI, triggered by a specially crafted .msh file. Multiple connected sources (NVD/NVV publications and related CVE aggregations) report this exact issue and its associatio...
CVE-2024-24583
Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. This vulnerability concerns the readMSH function while processin...
CVE-2023-24583
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This OS command injectio...
CVE-2023-24583
Summary (CVE-2023-24583) : Cisco Talos details two OS command injection flaws in Milesight UR32L v32.3.0.5 related to the urvpn_client’s command handling (execute_urvpn_command and cmd_name_action). An attacker can trigger arbitrary command execution by sending crafted JSON via UDP (and via TCP i...
CVE-2023-24583
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This OS command injectio...
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1710: Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities. July 6, 2023. CVE Number: CVE-2023-24583, CVE-2023-24582. SUMMARY: Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L...
CVE-2021-24583 Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion
The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when deleting a timeslot, allowing any user with the edit_posts capability (contributor+) to delete arbitrary timeslots from any event. Furthermore, no CSRF check is in place, allowing such...
CVE-2021-24583
The Timetable and Event Schedule WordPress plugin by MotoPress (versions prior to 2.4.2) has a vulnerability where deleting a timeslot lacks proper access control and CSRF protection. Any user with the edit_posts capability (contributor+) can delete arbitrary timeslots from any event. The issue i...
ariadne-jwt (>=0.1.0 <=0.1.3), balder (=0.1.24) +30 more potentially affected by CVE-2020-24583 via django (>=3.1.0 <=3.1.0rc1)
django PYPI version =3.1.0, =0.1.0, =20.13.1, =0.1.0, =0.10.0, =0.9.0, =0.4.0, =0.12.0, =0.5.0, =0.7.0, =0.8.0, =0.13.2 and more Source cves: CVE-2020-24583 Source advisory: OSV:GHSA-M6GJ-H9GM-GW44...
ambition-edc (>=0.3.68 <=0.3.72), boorunaut (=0.4.3) +46 more potentially affected by CVE-2020-24583 via django (>=2.2.0 <=2.2.15)
django PYPI version =2.2.0, =0.3.68, =5.2.1, =0.1.0, =1.0.1, =0.0.1, =0.0.1, =2.0.0, =0.3.0a0, =0.4.0b1 - django-dicom =0.0.1 - django-gov-notify =0.1.0 - django-htmx-rest =0.0.1b1 - django-ios-storekit =1.0.6 and more Source cves: CVE-2020-24583 Source advisory: OSV:GHSA-M6GJ-H9GM-GW44...
Security fix for the ALT Linux 9 package python3-module-django version 2.2.17-alt1
Dec. 11, 2020 Alexey Shabalin 2.2.17-alt1 - new version 2.2.17 - Fixes for the following security vulnerabilities: + CVE-2020-13254 Potential data leakage via malformed memcached keys + CVE-2020-13596 Possible XSS via admin ForeignKeyRawIdWidget + CVE-2020-24583: Incorrect permissions on...
Fedora: Security Advisory for python-django (FEDORA-2020-9c6b391162)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : python-django (2020-6941c0a65b)
update to 2.2.16, CVE-2020-24583, CVE-2020-24584 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...