Lista CVE - 2024 / Novembre
Visualizzazione 2101 - 2200 di 4054 CVE per Novembre 2024 (Pagina 22 di 41)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-43189 | 2024-11-15 | IBM Concert Software information disclosure |
| CVE-2024-20373 | 2024-11-15 | Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability |
| CVE-2023-20154 | 2024-11-15 | Cisco Modeling Labs External Authentication Bypass Vulnerability |
| CVE-2023-20125 | 2024-11-15 | Cisco BroadWorks Network Server TCP Denial of Service Vulnerability |
| CVE-2024-11243 | 2024-11-15 | code-projects Online Shop Store signup.php cross site scripting |
| CVE-2024-52555 | 2024-11-15 | In JetBrains WebStorm before 2024.3 code execution in Untrusted Project... |
| CVE-2023-20094 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability |
| CVE-2023-20093 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability |
| CVE-2024-49754 | 2024-11-15 | LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php |
| CVE-2023-20092 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability |
| CVE-2023-20091 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability |
| CVE-2024-49758 | 2024-11-15 | LibreNMS has a stored XSS in ExamplePlugin with Device's Notes |
| CVE-2023-20090 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability |
| CVE-2023-20060 | 2024-11-15 | Cisco Prime Collaboration Deployment Cross-Site Scripting Vulnerability |
| CVE-2023-20039 | 2024-11-15 | Cisco Industrial Network Director File Permissions |
| CVE-2023-20036 | 2024-11-15 | Cisco Industrial Network Director Command Injection Vulnerability |
| CVE-2023-20004 | 2024-11-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability |
| CVE-2022-20939 | 2024-11-15 | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability |
| CVE-2024-49759 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php |
| CVE-2022-20871 | 2024-11-15 | Cisco Secure Web Appliance Privilege Escalation Vulnerability |
| CVE-2022-20853 | 2024-11-15 | Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerability |
| CVE-2024-49764 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php |
| CVE-2024-50350 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php |
| CVE-2022-20931 | 2024-11-15 | Cisco Touch 10 Device Downgrade Attack Vulnerability |
| CVE-2022-20948 | 2024-11-15 | Cisco BroadWorks Hosted Thin Receptionist Cross-Site Scripting Vulnerability |
| CVE-2024-11244 | 2024-11-15 | code-projects Farmacia editar-cliente.php sql injection |
| CVE-2024-11245 | 2024-11-15 | code-projects Farmacia editar-produto.php sql injection |
| CVE-2022-20849 | 2024-11-15 | Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability |
| CVE-2022-20845 | 2024-11-15 | Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability |
| CVE-2022-20846 | 2024-11-15 | Cisco IOS XR Software Cisco Discovery Protocol Buffer Overflow Vulnerability |
| CVE-2022-20814 | 2024-11-15 | Cisco Expressway Series and Cisco TelePresence VCS Improper Certificate Validation Vulnerability |
| CVE-2022-20793 | 2024-11-15 | Cisco Touch 10 Device Insufficient Identity Verification Vulnerability |
| CVE-2024-50351 | 2024-11-15 | LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php |
| CVE-2022-20766 | 2024-11-15 | Cisco ATA 190 Series Analog Telephone Adapter firmware Cisco Discovery Protocol Denial of Service Vulnerability |
| CVE-2022-20656 | 2024-11-15 | Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability |
| CVE-2022-20685 | 2024-11-15 | Multiple Cisco Products Snort Modbus Denial of Service Vulnerability |
| CVE-2022-20663 | 2024-11-15 | Secure Network Analytics Cross-Site Scripting Vulnerability |
| CVE-2022-20657 | 2024-11-15 | Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Cross-Site Scripting Vulnerability |
| CVE-2024-50352 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php |
| CVE-2024-41784 | 2024-11-15 | IBM Sterling Secure Proxy directory traversal |
| CVE-2024-50355 | 2024-11-15 | LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints |
| CVE-2024-51494 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php |
| CVE-2024-51495 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php |
| CVE-2024-51496 | 2024-11-15 | LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php |
| CVE-2024-51497 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php |
| CVE-2024-52526 | 2024-11-15 | LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php |
| CVE-2022-20655 | 2024-11-15 | A vulnerability in the implementation of the CLI on a... |
| CVE-2022-20652 | 2024-11-15 | Cisco Tetration Command Injection Vulnerability |
| CVE-2022-20649 | 2024-11-15 | Cisco Redundancy Configuration Manager Debug Remote Code Execution Vulnerability |
| CVE-2022-20648 | 2024-11-15 | Cisco Redundancy Configuration Manager Debug Information Disclosure Vulnerability |
| CVE-2024-11246 | 2024-11-15 | code-projects Farmacia adicionar-cliente.php cross site scripting |
| CVE-2022-20634 | 2024-11-15 | Cisco Enterprise Chat and Email Open Redirect Vulnerability |
| CVE-2022-20654 | 2024-11-15 | Cisco Webex Meetings Cross-Site Scripting Vulnerability |
| CVE-2022-20631 | 2024-11-15 | Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability |
| CVE-2022-20626 | 2024-11-15 | Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability |
| CVE-2024-39726 | 2024-11-15 | IBM Engineering Insights XML external entity injection |
| CVE-2021-34750 | 2024-11-15 | Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability |
| CVE-2021-34751 | 2024-11-15 | Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability |
| CVE-2021-34752 | 2024-11-15 | Cisco Firepower Threat Defense Command Injection Vulnerabilities |
| CVE-2021-34753 | 2024-11-15 | Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities |
| CVE-2022-20632 | 2024-11-15 | Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability |
| CVE-2022-20633 | 2024-11-15 | Cisco Enterprise Chat and Email Username Enumeration Vulnerability |
| CVE-2021-1494 | 2024-11-15 | Multiple Cisco products are affected by a vulnerability in the... |
| CVE-2024-52528 | 2024-11-15 | Auth Token can be passed dummy or wrong the middleware response is 200 OK |
| CVE-2021-1491 | 2024-11-15 | Cisco SD-WAN vManage Software Information Disclosure Vulnerability |
| CVE-2021-1484 | 2024-11-15 | Cisco SD-WAN vManage Command Injection Vulnerability |
| CVE-2021-1483 | 2024-11-15 | Cisco SD-WAN vManage Software XML External Entity Vulnerability |
| CVE-2024-52525 | 2024-11-15 | Nextcloud Server User password is available in memory of the PHP process |
| CVE-2024-11247 | 2024-11-15 | SourceCodester Online Eyewear Shop Inventory Page Master.php cross site scripting |
| CVE-2021-1464 | 2024-11-15 | Cisco SD-WAN vManage Authorization Bypass Vulnerability |
| CVE-2024-52523 | 2024-11-15 | Nextcloud Server Custom defined credentials of external storages are sent back to the frontend |
| CVE-2021-1482 | 2024-11-15 | Cisco SD-WAN vManage Authorization Bypass Vulnerability |
| CVE-2021-1481 | 2024-11-15 | Cisco SD-WAN vManage Cypher Query Language Injection Vulnerability |
| CVE-2024-52521 | 2024-11-15 | Nextcloud Server has a potential hash collision for background jobs could skip queuing them |
| CVE-2021-1470 | 2024-11-15 | Cisco SD-WAN SQL Injection Vulnerability |
| CVE-2024-52520 | 2024-11-15 | Nextcloud Server's link reference provider can be tricked into downloading bigger files than intended |
| CVE-2024-52519 | 2024-11-15 | Nextcloud Server's OAuth2 client secrets were stored in a recoverable way |
| CVE-2024-52518 | 2024-11-15 | Nextcloud Server is missing password confirmation when changing external storage options |
| CVE-2024-52517 | 2024-11-15 | Nextcloud Server's global credentials of external storages are sent back to the frontend |
| CVE-2024-52516 | 2024-11-15 | Nextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them |
| CVE-2024-11248 | 2024-11-15 | Tenda AC10 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow |
| CVE-2024-52515 | 2024-11-15 | Nextcloud Server has incomplete sanitization of SVG files allows to embed other images into previews |
| CVE-2021-1466 | 2024-11-15 | Cisco SD-WAN vDaemon Buffer Overflow Vulnerability |
| CVE-2024-52514 | 2024-11-15 | Nextcloud Server allows users to copy folder that contain files that are blocked by the files access control |
| CVE-2024-52513 | 2024-11-15 | Nextcloud Server's Attachments folder for Text app is accessible on "Files drop" and "Password protected" shares |
| CVE-2024-52522 | 2024-11-15 | Rclone Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata |
| CVE-2024-52512 | 2024-11-15 | Nextcloud User OIDC has an open redirection when logging in with User OIDC |
| CVE-2024-52511 | 2024-11-15 | Nextcloud Tables has an Authorization Bypass Through User-Controlled Key in Tables |
| CVE-2024-52507 | 2024-11-15 | Share information of the Nextcloud Tables app is not limited to affected users |
| CVE-2024-52510 | 2024-11-15 | Nextcloud Desktop client behaves incorrectly if the initial end-to-end-encryption signature is empty |
| CVE-2024-11250 | 2024-11-15 | code-projects Inventory Management editProduct.php sql injection |
| CVE-2024-52508 | 2024-11-15 | Nextcloud Mail auto configurator can be tricked into sending account information to wrong servers |
| CVE-2024-52509 | 2024-11-15 | Nextcloud Mail app does not respect download permissions in shares |
| CVE-2024-47759 | 2024-11-15 | GLPI has a stored XSS via document upload |
| CVE-2024-11251 | 2024-11-15 | erzhongxmu Jeewms AuthInterceptor cgReportController.do sql injection |
| CVE-2024-40638 | 2024-11-15 | GLPI allows account takeover via SQL Injection in AJAX scripts |
| CVE-2024-41678 | 2024-11-15 | GLPI has multiple reflected XSS |
| CVE-2024-41679 | 2024-11-15 | Authenticated SQL injection in ticket form |
| CVE-2024-43417 | 2024-11-15 | Reflected XSS in Software form |
| CVE-2024-43418 | 2024-11-15 | GLPI has multiple reflected XSS |