Lista CVE - 2024 / Dicembre
Visualizzazione 3201 - 3300 di 3433 CVE per Dicembre 2024 (Pagina 33 di 35)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-56512 | 2024-12-28 | Apache NiFi: Missing Complete Authorization for Parameter and Service References |
| CVE-2024-12998 | 2024-12-28 | code-projects Online Car Rental System GET Parameter index.php cross site scripting |
| CVE-2018-25107 | 2024-12-29 | The Crypt::Random::Source package before 0.13 for Perl has a fallback... |
| CVE-2024-56737 | 2024-12-29 | GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer... |
| CVE-2024-56738 | 2024-12-29 | GNU GRUB (aka GRUB2) through 2.12 does not use a... |
| CVE-2024-12999 | 2024-12-29 | PHPGurukul Small CRM edit-user.php sql injection |
| CVE-2024-13000 | 2024-12-29 | PHPGurukul Small CRM quote-details.php sql injection |
| CVE-2024-13001 | 2024-12-29 | PHPGurukul Small CRM index.php sql injection |
| CVE-2024-13002 | 2024-12-29 | 1000 Projects Bookstore Management System order_process.php sql injection |
| CVE-2024-13003 | 2024-12-29 | 1000 Projects Portfolio Management System MCA update_ed.php sql injection |
| CVE-2024-12238 | 2024-12-29 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode Execution |
| CVE-2024-13004 | 2024-12-29 | PHPGurukul Complaint Management System category.php sql injection |
| CVE-2024-13005 | 2024-12-29 | 1000 Projects Attendance Tracking Management System attendance_action.php sql injection |
| CVE-2024-13006 | 2024-12-29 | 1000 Projects Human Resource Management System employeeview.php sql injection |
| CVE-2024-13007 | 2024-12-29 | Codezips Event Management System contact.php sql injection |
| CVE-2024-56709 | 2024-12-29 | io_uring: check if iowq is killed before queuing |
| CVE-2024-56710 | 2024-12-29 | ceph: fix memory leak in ceph_direct_read_write() |
| CVE-2024-56711 | 2024-12-29 | drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference |
| CVE-2024-56712 | 2024-12-29 | udmabuf: fix memory leak on last export_udmabuf() error path |
| CVE-2024-56713 | 2024-12-29 | net: netdevsim: fix nsim_pp_hold_write() |
| CVE-2024-56714 | 2024-12-29 | ionic: no double destroy workqueue |
| CVE-2024-56715 | 2024-12-29 | ionic: Fix netdev notifier unregister on failure |
| CVE-2024-56716 | 2024-12-29 | netdevsim: prevent bad user input in nsim_dev_health_break_write() |
| CVE-2024-56717 | 2024-12-29 | net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() |
| CVE-2024-56718 | 2024-12-29 | net/smc: protect link down work from execute after lgr freed |
| CVE-2024-56719 | 2024-12-29 | net: stmmac: fix TSO DMA API usage causing oops |
| CVE-2024-13008 | 2024-12-29 | code-projects Responsive Hotel Site newsletter.php sql injection |
| CVE-2024-56720 | 2024-12-29 | bpf, sockmap: Several fixes to bpf_msg_pop_data |
| CVE-2024-56721 | 2024-12-29 | x86/CPU/AMD: Terminate the erratum_1386_microcode array |
| CVE-2024-56722 | 2024-12-29 | RDMA/hns: Fix cpu stuck caused by printings during reset |
| CVE-2024-56723 | 2024-12-29 | mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices |
| CVE-2024-56724 | 2024-12-29 | mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device |
| CVE-2024-56725 | 2024-12-29 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c |
| CVE-2024-56726 | 2024-12-29 | octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c |
| CVE-2024-56727 | 2024-12-29 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c |
| CVE-2024-56728 | 2024-12-29 | octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c |
| CVE-2024-56729 | 2024-12-29 | smb: Initialize cfid->tcon before performing network ops |
| CVE-2024-56730 | 2024-12-29 | net/9p/usbg: fix handling of the failed kzalloc() memory allocation |
| CVE-2024-56739 | 2024-12-29 | rtc: check if __rtc_read_time was successful in rtc_timer_do_work() |
| CVE-2024-56740 | 2024-12-29 | nfs/localio: must clear res.replen in nfs_local_read_done |
| CVE-2024-56742 | 2024-12-29 | vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() |
| CVE-2024-56743 | 2024-12-29 | nfs_common: must not hold RCU while calling nfsd_file_put_local |
| CVE-2024-56744 | 2024-12-29 | f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() |
| CVE-2024-56745 | 2024-12-29 | PCI: Fix reset_method_store() memory leak |
| CVE-2024-56746 | 2024-12-29 | fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() |
| CVE-2024-56747 | 2024-12-29 | scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() |
| CVE-2024-56748 | 2024-12-29 | scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() |
| CVE-2024-56749 | 2024-12-29 | dlm: fix dlm_recover_members refcount on error |
| CVE-2024-56750 | 2024-12-29 | erofs: fix blksize < PAGE_SIZE for file-backed mounts |
| CVE-2024-56751 | 2024-12-29 | ipv6: release nexthop on device removal |
| CVE-2024-56752 | 2024-12-29 | drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() |
| CVE-2024-56753 | 2024-12-29 | drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module |
| CVE-2024-56754 | 2024-12-29 | crypto: caam - Fix the pointer passed to caam_qi_shutdown() |
| CVE-2024-56755 | 2024-12-29 | netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING |
| CVE-2024-56756 | 2024-12-29 | nvme-pci: fix freeing of the HMB descriptor table |
| CVE-2024-13012 | 2024-12-29 | code-projects Hostel Management System registration.php cross site scripting |
| CVE-2024-13013 | 2024-12-29 | PHPGurukul Maid Hiring Management System Contact Us Page contactus.php cross site scripting |
| CVE-2024-13014 | 2024-12-29 | PHPGurukul Maid Hiring Management System search-maid.php sql injection |
| CVE-2024-13015 | 2024-12-29 | PHPGurukul Maid Hiring Management System search-booking-request.php cross site scripting |
| CVE-2024-13016 | 2024-12-29 | PHPGurukul Maid Hiring Management System edit-category.php sql injection |
| CVE-2024-13017 | 2024-12-29 | PHPGurukul Maid Hiring Management System About Us Page aboutus.php cross site scripting |
| CVE-2024-13018 | 2024-12-29 | PHPGurukul Maid Hiring Management System profile.php cross site scripting |
| CVE-2024-13019 | 2024-12-29 | code-projects Chat System Chat Room Page update_room.php cross site scripting |
| CVE-2024-13020 | 2024-12-29 | code-projects Chat System chatroom.php sql injection |
| CVE-2024-13021 | 2024-12-29 | SourceCodester Road Accident Map Marker add-mark.php cross site scripting |
| CVE-2024-13022 | 2024-12-29 | taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload |
| CVE-2024-13023 | 2024-12-29 | PHPGurukul Maid Hiring Management System Search Maid Page search-maid.php cross site scripting |
| CVE-2024-13024 | 2024-12-29 | Codezips Blood Bank Management System campaign.php sql injection |
| CVE-2024-13025 | 2024-12-29 | Codezips College Management System faculty.php sql injection |
| CVE-2024-13028 | 2024-12-29 | Antabot White-Jotter login observable response discrepancy |
| CVE-2024-13029 | 2024-12-29 | Antabot White-Jotter Edit Book book server-side request forgery |
| CVE-2024-46542 | 2024-12-30 | Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators... |
| CVE-2024-50701 | 2024-12-30 | TeamPass before 3.1.3.1, when retrieving information about access rights for... |
| CVE-2024-50702 | 2024-12-30 | TeamPass before 3.1.3.1 does not properly check whether a mail_me... |
| CVE-2024-50703 | 2024-12-30 | TeamPass before 3.1.3.1 does not properly prevent a user from... |
| CVE-2024-13030 | 2024-12-30 | D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control |
| CVE-2024-13031 | 2024-12-30 | Antabot White-Jotter Article Content Editor editor cross site scripting |
| CVE-2024-13032 | 2024-12-30 | Antabot White-Jotter Article Editor editor server-side request forgery |
| CVE-2024-13033 | 2024-12-30 | code-projects Chat System chatroom.php cross site scripting |
| CVE-2024-13034 | 2024-12-30 | code-projects Chat System update_user.php cross site scripting |
| CVE-2024-13035 | 2024-12-30 | code-projects Chat System update_user.php sql injection |
| CVE-2024-13036 | 2024-12-30 | code-projects Chat System update_room.php sql injection |
| CVE-2024-13037 | 2024-12-30 | 1000 Projects Attendance Tracking Management System report.php attendance_report sql injection |
| CVE-2024-13038 | 2024-12-30 | CodeAstro Simple Loan Management System Login index.php sql injection |
| CVE-2024-13039 | 2024-12-30 | code-projects Simple Chat System add_user.php sql injection |
| CVE-2024-22063 | 2024-12-30 | ZTE ZENIC ONE R58 product has a CSV injection vulnerability |
| CVE-2024-47917 | 2024-12-30 | Mobotix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-47918 | 2024-12-30 | Tiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) |
| CVE-2024-47919 | 2024-12-30 | Tiki Wiki CMS – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| CVE-2024-47920 | 2024-12-30 | Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-47921 | 2024-12-30 | Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| CVE-2024-47922 | 2024-12-30 | Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2024-47923 | 2024-12-30 | Mashov – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2024-47924 | 2024-12-30 | Boa web server – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-47925 | 2024-12-30 | Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-47926 | 2024-12-30 | Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| CVE-2024-12993 | 2024-12-30 | Location information exposure in Infinix Weather app |
| CVE-2024-10044 | 2024-12-30 | SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat |
| CVE-2024-54181 | 2024-12-30 | IBM WebSphere Automation command injection |
| CVE-2024-52294 | 2024-12-30 | khoj has an IDOR in subscription management that allows unauthorized subscription modifications |