CVE List - 2024 / January
Showing 2101 - 2200 of 2591 CVEs for January 2024 (Page 22 of 26)
CVE ID | Date | Title |
---|---|---|
CVE-2024-22154 | 2024-01-24 | WordPress SalesKing Plugin <= 1.6.15 is vulnerable to Sensitive Data Exposure |
CVE-2023-51702 | 2024-01-24 | Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service |
CVE-2023-50943 | 2024-01-24 | Apache Airflow: Potential pickle deserialization vulnerability in XComs |
CVE-2023-50944 | 2024-01-24 | Apache Airflow: Bypass permission verification to read code of other dags |
CVE-2023-6697 | 2024-01-24 | The WP Go Maps (formerly WP Google Maps) plugin for... |
CVE-2024-22141 | 2024-01-24 | WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure |
CVE-2023-44281 | 2024-01-24 | Dell Pair Installer version prior to 1.2.1 contains an elevation... |
CVE-2024-22229 | 2024-01-24 | Dell Unity, versions prior to 5.4, contain a vulnerability whereby... |
CVE-2024-23641 | 2024-01-24 | Sending a GET or HEAD request with a body crashes SvelteKit |
CVE-2024-23897 | 2024-01-24 | Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not... |
CVE-2024-23898 | 2024-01-24 | Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2... |
CVE-2024-23899 | 2024-01-24 | Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable... |
CVE-2024-23900 | 2024-01-24 | Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize... |
CVE-2024-23901 | 2024-01-24 | Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier unconditionally discovers... |
CVE-2024-23902 | 2024-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch... |
CVE-2024-23903 | 2024-01-24 | Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier uses a... |
CVE-2024-23904 | 2024-01-24 | Jenkins Log Command Plugin 1.0.2 and earlier does not disable... |
CVE-2024-23905 | 2024-01-24 | Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically... |
CVE-2024-23648 | 2024-01-24 | Pimcore Admin Classic Bundle host header injection in the password reset |
CVE-2024-23649 | 2024-01-24 | Any authenticated user may obtain private message details from other users on the same instance |
CVE-2024-23644 | 2024-01-24 | trillium-http and trillium-client vulnerable to HTTP Request/Response Splitting |
CVE-2024-23646 | 2024-01-24 | Pimcore Admin Classic Bundle SQL Injection in Admin download files as zip |
CVE-2023-33757 | 2024-01-25 | A lack of SSL certificate validation in Splicecom iPCS (iOS... |
CVE-2023-33758 | 2024-01-25 | Splicecom Maximiser Soft PBX v1.5 and before was discovered to... |
CVE-2023-33760 | 2024-01-25 | SpliceCom Maximiser Soft PBX v1.5 and before was discovered to... |
CVE-2023-41474 | 2024-01-25 | Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote... |
CVE-2023-50785 | 2024-01-25 | Zoho ManageEngine ADAudit Plus before 7270 allows admin users to... |
CVE-2023-52251 | 2024-01-25 | An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows... |
CVE-2024-22635 | 2024-01-25 | WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting... |
CVE-2024-22637 | 2024-01-25 | Form Tools v3.1.1 was discovered to contain a reflected cross-site... |
CVE-2024-22749 | 2024-01-25 | GPAC v2.3 was detected to contain a buffer overflow via... |
CVE-2024-23055 | 2024-01-25 | An issue in Plone Docker Official Image 5.2.13 (5221) open-source... |
CVE-2023-33759 | 2024-01-25 | SpliceCom Maximiser Soft PBX v1.5 and before does not restrict... |
CVE-2023-51833 | 2024-01-25 | A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu that allows... |
CVE-2023-52046 | 2024-01-25 | Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier... |
CVE-2024-22529 | 2024-01-25 | TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the... |
CVE-2024-22636 | 2024-01-25 | PluXml Blog v5.8.9 was discovered to contain a remote code... |
CVE-2024-22638 | 2024-01-25 | liveSite v2019.1 was discovered to contain a remote code execution... |
CVE-2024-22639 | 2024-01-25 | iGalerie v3.0.22 was discovered to contain a reflected cross-site scripting... |
CVE-2024-22729 | 2024-01-25 | NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command... |
CVE-2024-22922 | 2024-01-25 | An issue in Projectworlds Visitor Management System in PHP v.1.0 allows... |
CVE-2024-23985 | 2024-01-25 | EzServer 6.4.017 allows a denial of service (daemon crash) via... |
CVE-2024-24399 | 2024-01-25 | An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated... |
CVE-2024-0617 | 2024-01-25 | The Category Discount Woocommerce plugin for WordPress is vulnerable to... |
CVE-2024-0624 | 2024-01-25 | The Paid Memberships Pro – Content Restriction, User Registration, &... |
CVE-2024-0688 | 2024-01-25 | The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to... |
CVE-2024-0625 | 2024-01-25 | The WPFront Notification Bar plugin for WordPress is vulnerable to... |
CVE-2024-23307 | 2024-01-25 | Integer overflow in raid5_cache_count in Linux kernel |
CVE-2024-22099 | 2024-01-25 | NULL pointer dereference in rfcomm_check_security in Linux kernel |
CVE-2023-6282 | 2024-01-25 | Cross-Site Scripting vulnerability in IceHrm |
CVE-2024-23855 | 2024-01-25 | Cross-Site Scripting (XSS) vulnerability in Cups Easy |
CVE-2024-0879 | 2024-01-25 | Authentication bypass in vector-admin domain restriction |
CVE-2024-22432 | 2024-01-25 | Networker 19.9 and all prior versions contains a Plain-text Password... |
CVE-2024-0822 | 2024-01-25 | Ovirt: authentication bypass |
CVE-2023-3181 | 2024-01-25 | Insecure Permissions in Splashtop Software Updater |
CVE-2023-52076 | 2024-01-25 | Remote Code Execution Vulnerability in Atril's EPUB ebook parsing |
CVE-2023-40547 | 2024-01-25 | Shim: rce in http boot support may lead to secure boot bypass |
CVE-2024-0880 | 2024-01-25 | Qidianbang qdbcrm Password Reset cross-site request forgery |
CVE-2023-6267 | 2024-01-25 | Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations. |
CVE-2023-7227 | 2024-01-25 | Command Injection vulnerability in SystemK NVR 504/508/516 |
CVE-2024-0882 | 2024-01-25 | qwdigital LinkWechat Universal Download Interface resource path traversal |
CVE-2024-0883 | 2024-01-25 | SourceCodester Online Tours & Travels Management System pay.php prepare sql injection |
CVE-2024-21630 | 2024-01-25 | Zulip non-admins can invite new users to streams they would not otherwise be able to add existing users to |
CVE-2024-23655 | 2024-01-25 | Attacker can prevent users from accessing received emails |
CVE-2024-23817 | 2024-01-25 | Dolibarr Application Home Page HTML injection vulnerability |
CVE-2024-23656 | 2024-01-25 | Dex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers |
CVE-2023-52355 | 2024-01-25 | Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom |
CVE-2023-52356 | 2024-01-25 | Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service |
CVE-2024-0884 | 2024-01-25 | SourceCodester Online Tours & Travels Management System payment.php exec sql injection |
CVE-2024-0885 | 2024-01-25 | SpyCamLizard HTTP GET Request denial of service |
CVE-2024-0886 | 2024-01-25 | Poikosoft EZ CD Audio Converter Activation denial of service |
CVE-2024-0887 | 2024-01-25 | Mafiatic Blue Server Connection denial of service |
CVE-2024-0888 | 2024-01-25 | BORGChat Service Port 7551 denial of service |
CVE-2024-0889 | 2024-01-25 | Kmint21 Golden FTP Server PASV Command denial of service |
CVE-2024-0890 | 2024-01-25 | hongmaple octopus edit sql injection |
CVE-2024-21619 | 2024-01-25 | Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information |
CVE-2024-21620 | 2024-01-25 | Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS |
CVE-2024-0891 | 2024-01-25 | hongmaple octopus cross site scripting |
CVE-2024-23613 | 2024-01-25 | Symantec Deployment Solution Remote Code Execution |
CVE-2024-23614 | 2024-01-25 | Symantec Messaging Gateway Buffer Overflow |
CVE-2024-23615 | 2024-01-25 | Symantec Messaging Gateway Buffer Overflow |
CVE-2024-23616 | 2024-01-25 | Symantec Server Management Suite Buffer Overflow |
CVE-2024-23617 | 2024-01-25 | Symantec Data Loss Prevention Buffer Overflow |
CVE-2024-23618 | 2024-01-25 | Arris SURFboard SBG6950AC2 Arbitrary Code Execution Vulnerability |
CVE-2024-23619 | 2024-01-25 | IBM Merge Healthcare eFilm Workstation Hardcoded Credentials |
CVE-2024-23620 | 2024-01-25 | IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation |
CVE-2024-23621 | 2024-01-25 | IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow |
CVE-2024-23622 | 2024-01-25 | IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow |
CVE-2024-23624 | 2024-01-25 | D-Link DAP-1650 gena.cgi SUBSCRIBE Command Injection Vulnerability |
CVE-2024-23625 | 2024-01-25 | D-Link DAP-1650 SUBSCRIBE Callback Command Injection Vulnerability |
CVE-2024-23626 | 2024-01-25 | Motorola MR2600 SaveSysLogParams Command Injection Vulnerability |
CVE-2024-23627 | 2024-01-25 | Motorola MR2600 SaveStaticRouteIPv4Params Command Injection Vulnerability |
CVE-2024-23628 | 2024-01-25 | Motorola MR2600 SaveStaticRouteIPv6Params Command Injection Vulnerability |
CVE-2024-23629 | 2024-01-25 | Motorola MR2600 Authentication Bypass Vulnerability |
CVE-2024-23630 | 2024-01-25 | Motorola MR2600 Arbitrary Firmware Upload Vulnerability |
CVE-2022-48622 | 2024-01-26 | In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows... |
CVE-2023-38318 | 2024-01-26 | An issue was discovered in OpenNDS before 10.1.3. It fails... |
CVE-2023-38319 | 2024-01-26 | An issue was discovered in OpenNDS before 10.1.3. It fails... |
CVE-2023-48127 | 2024-01-26 | An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers... |
CVE-2023-48129 | 2024-01-26 | An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers... |