Lista CVE - 2024 / Novembre
Visualizzazione 3101 - 3200 di 4054 CVE per Novembre 2024 (Pagina 32 di 41)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-53093 | 2024-11-21 | nvme-multipath: defer partition scanning |
| CVE-2024-53094 | 2024-11-21 | RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES |
| CVE-2024-53095 | 2024-11-21 | smb: client: Fix use-after-free of network namespace. |
| CVE-2024-49588 | 2024-11-21 | Multiple authenticated SQL injections in oracle-sidecar |
| CVE-2024-52615 | 2024-11-21 | Avahi: avahi wide-area dns uses constant source port |
| CVE-2024-52616 | 2024-11-21 | Avahi: avahi wide-area dns predictable transaction ids |
| CVE-2024-52052 | 2024-11-21 | Stream Target Remote Code Execution in Wowza Streaming Engine |
| CVE-2024-52053 | 2024-11-21 | Stored Cross-Site Scripting in Wowza Streaming Engine |
| CVE-2024-52054 | 2024-11-21 | Application Creation Path Traversal in Wowza Streaming Engine |
| CVE-2024-52055 | 2024-11-21 | Application Copy Path Traversal in Wowza Streaming Engine |
| CVE-2024-52056 | 2024-11-21 | Application Delete Path Traversal in Wowza Streaming Engine |
| CVE-2024-37782 | 2024-11-22 | An LDAP injection vulnerability in the login page of Gladinet... |
| CVE-2024-37783 | 2024-11-22 | A reflected cross-site scripting (XSS) vulnerability in Gladinet CentreStack v13.12.9934.54690... |
| CVE-2024-47863 | 2024-11-22 | An issue was discovered in Centreon Web 24.10.x before 24.10.0,... |
| CVE-2024-50657 | 2024-11-22 | An issue in Owncloud android apk v.4.3.1 allows a physically... |
| CVE-2024-50965 | 2024-11-22 | Cross Site Scripting vulnerability in Public Knowledge Project PKP Platform... |
| CVE-2024-51072 | 2024-11-22 | An issue in KIA Seltos vehicle instrument cluster with software... |
| CVE-2024-51073 | 2024-11-22 | An issue in KIA Seltos vehicle instrument cluster with software... |
| CVE-2024-51074 | 2024-11-22 | Incorrect access control in KIA Seltos vehicle instrument cluster with... |
| CVE-2024-52726 | 2024-11-22 | CRMEB v5.4.0 is vulnerable to Arbitrary file read in the... |
| CVE-2024-44786 | 2024-11-22 | Incorrect access control in Meabilis CMS 1.0 allows attackers to... |
| CVE-2024-52723 | 2024-11-22 | In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set... |
| CVE-2024-53438 | 2024-11-22 | EventAttendance.php in ChurchCRM 5.7.0 is vulnerable to SQL injection. An... |
| CVE-2024-31408 | 2024-11-22 | OS command injection vulnerability exists in AIPHONE IX SYSTEM and... |
| CVE-2024-39290 | 2024-11-22 | Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and... |
| CVE-2024-45837 | 2024-11-22 | Use of hard-coded cryptographic key issue exists in AIPHONE IX... |
| CVE-2024-47142 | 2024-11-22 | AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L... |
| CVE-2024-38296 | 2024-11-22 | Dell Edge Gateway 3200, versions prior to 15.40.30.2879, and Edge... |
| CVE-2024-11381 | 2024-11-22 | Control horas <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11104 | 2024-11-22 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update |
| CVE-2024-11355 | 2024-11-22 | Ultimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Setting Exposure |
| CVE-2024-11601 | 2024-11-22 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update |
| CVE-2024-10034 | 2024-11-22 | Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery <= 3.2.4.2 - Authenticated (Editor+) Stored Cross-Site Scripting |
| CVE-2024-11225 | 2024-11-22 | Premium Packages – Sell Digital Products Securely <= 5.9.3 - Reflected Cross-Site Scripting via add_query_arg |
| CVE-2024-8735 | 2024-11-22 | MailMunch – Grow your Email List <= 3.1.8 - Reflected Cross-Site Scripting |
| CVE-2024-10666 | 2024-11-22 | Easy Twitter Feed – Twitter feeds plugin for WP <= 1.2.6 - Authenticated (Contributor+) Post Exposure |
| CVE-2024-9422 | 2024-11-22 | GEO My WordPress < 4.5 - Admin+ Arbitrary File Upload |
| CVE-2024-8932 | 2024-11-22 | OOB access in ldap_escape |
| CVE-2024-8929 | 2024-11-22 | Leak partial content of the heap through heap buffer over-read in mysqlnd |
| CVE-2024-7837 | 2024-11-22 | SQLi in Firmanet Software's ERP |
| CVE-2024-7882 | 2024-11-22 | SQLi in Special Minds' e-Commerce |
| CVE-2017-9711 | 2024-11-22 | Permissions, Privileges, and Access Controls in Data |
| CVE-2021-30299 | 2024-11-22 | Improper Input Validation in Audio |
| CVE-2024-51766 | 2024-11-22 | HPE NonStop DISK UTIL, Local Denial of Service vulnerability |
| CVE-2024-41781 | 2024-11-22 | IBM PowerVM Hypervisor information disclosure |
| CVE-2024-41779 | 2024-11-22 | IBM Engineering Systems Design Rhapsody - Model Manager |
| CVE-2024-45719 | 2024-11-22 | Apache Answer: Predictable Authorization Token Using UUIDv1 |
| CVE-2024-49054 | 2024-11-22 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2024-50401 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50400 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50399 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50398 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50397 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50396 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-50395 | 2024-11-22 | Media Streaming add-on |
| CVE-2024-48862 | 2024-11-22 | QuLog Center |
| CVE-2024-48861 | 2024-11-22 | QHora |
| CVE-2024-48860 | 2024-11-22 | QHora |
| CVE-2024-38647 | 2024-11-22 | QNAP AI Core |
| CVE-2024-38646 | 2024-11-22 | Notes Station 3 |
| CVE-2024-38645 | 2024-11-22 | Notes Station 3 |
| CVE-2024-38644 | 2024-11-22 | Notes Station 3 |
| CVE-2024-38643 | 2024-11-22 | Notes Station 3 |
| CVE-2024-37050 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37049 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37048 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37047 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37046 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37045 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37044 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37043 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37042 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-37041 | 2024-11-22 | QTS, QuTS hero |
| CVE-2024-32770 | 2024-11-22 | Photo Station |
| CVE-2024-32769 | 2024-11-22 | Photo Station |
| CVE-2024-32768 | 2024-11-22 | Photo Station |
| CVE-2024-32767 | 2024-11-22 | Photo Station |
| CVE-2023-24467 | 2024-11-22 | Possible Command Injection in OpenText iManager |
| CVE-2023-24466 | 2024-11-22 | Possible XML External Entity Injection in OpenText iManager |
| CVE-2022-26324 | 2024-11-22 | Possible XSS in iManager URL for access Component |
| CVE-2021-38135 | 2024-11-22 | Possible External service interaction Vulnerability in OpenText iManager |
| CVE-2021-38134 | 2024-11-22 | Possible Reflected and Stored XSS in OpenText iManager |
| CVE-2021-38119 | 2024-11-22 | Possible Reflected Cross-Site Scripting (XSS) Vulnerability in OpenText iManager |
| CVE-2021-38118 | 2024-11-22 | Possible Local Privilege Escalation Vulnerability in OpenText iManager |
| CVE-2021-38117 | 2024-11-22 | Possible Remote Code Execution Vulnerability OpenText iManager |
| CVE-2021-38116 | 2024-11-22 | Possible Command injection Vulnerability in OpenText iManager |
| CVE-2024-10863 | 2024-11-22 | Client-side audit exclusion vulnerability |
| CVE-2024-52793 | 2024-11-22 | XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems |
| CVE-2024-52802 | 2024-11-22 | RIOT-OS missing dhcpv6_opt_t minimum header length check |
| CVE-2024-52804 | 2024-11-22 | Tornado has HTTP cookie parsing DoS vulnerability |
| CVE-2024-52814 | 2024-11-22 | Helm Lacks Granularity in Workflow Role |
| CVE-2024-10220 | 2024-11-22 | Arbitrary command execution through gitRepo volume |
| CVE-2024-11618 | 2024-11-22 | IPC Unigy Management System HTTP Request server-side request forgery |
| CVE-2024-52998 | 2024-11-22 | Substance3D - Stager | Out-of-bounds Read (CWE-125) |
| CVE-2024-53253 | 2024-11-22 | Sentry's improper error handling leaks Application Integration Client Secret |
| CVE-2023-39470 | 2024-11-22 | PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability |
| CVE-2023-51634 | 2024-11-22 | NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability |
| CVE-2023-51635 | 2024-11-22 | NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-51638 | 2024-11-22 | Allegra Hard-coded Credentials Authentication Bypass Vulnerability |
| CVE-2023-51639 | 2024-11-22 | Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability |