VULNMAP - Vulnerabilità di Sicurezza

Lista CVE - 2024 / Febbraio

Visualizzazione 901 - 1000 di 2784 CVE per Febbraio 2024 (Pagina 10 di 28)

ID CVE Data Titolo
CVE-2024-24928 2024-02-12 WordPress Content Cards Plugin <= 0.9.7 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-24927 2024-02-12 WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-24889 2024-02-12 WordPress All 404 Pages Redirect to Homepage Plugin <= 1.9 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-51403 2024-02-12 WordPress Restaurant Reservations Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-51370 2024-02-12 WordPress WP Chat App Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-50875 2024-02-12 WordPress Sensei LMS Plugin <= 4.17.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-47526 2024-02-12 WordPress Chartify Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-25100 2024-02-12 WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to PHP Object Injection
CVE-2024-24926 2024-02-12 WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object Injection
CVE-2024-24797 2024-02-12 WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection
CVE-2024-24796 2024-02-12 WordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object Injection
CVE-2024-23513 2024-02-12 WordPress PropertyHive Plugin <= 2.0.5 is vulnerable to PHP Object Injection
CVE-2023-41703 2024-02-12 User ID references at mentions in document comments were not...
CVE-2023-41704 2024-02-12 Processing of CID references at E-Mail can be abused to...
CVE-2023-41705 2024-02-12 Processing of user-defined DAV user-agent strings is not limited. Availability...
CVE-2023-41706 2024-02-12 Processing time of drive search expressions now gets monitored, and...
CVE-2023-41707 2024-02-12 Processing of user-defined mail search expressions is not limited. Availability...
CVE-2023-41708 2024-02-12 References to the "app loader" functionality could contain redirects to...
CVE-2024-23512 2024-02-12 WordPress ProductX – Gutenberg WooCommerce Blocks Plugin <= 3.1.4 is vulnerable to PHP Object Injection
CVE-2023-46615 2024-02-12 WordPress KD Coming Soon Plugin <= 1.7 is vulnerable to PHP Object Injection
CVE-2024-24935 2024-02-12 WordPress Basic Log Viewer Plugin <= 1.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-24929 2024-02-12 WordPress WP Contact Form Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-24887 2024-02-12 WordPress Contest Gallery Plugin <= 21.2.8.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-24884 2024-02-12 WordPress Contact Form 7 Connector Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-24875 2024-02-12 WordPress Link Library Plugin <= 7.5.13 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2024-1439 2024-02-12 Inadequate access control vulnerability in Moodle
CVE-2024-1062 2024-02-12 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)
CVE-2023-6681 2024-02-12 Jwcrypto: denail of service via specifically crafted jwe
CVE-2023-6501 2024-02-12 Splashscreen <= 0.20 - Settings Update via CSRF
CVE-2024-0421 2024-02-12 MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
CVE-2024-0250 2024-02-12 Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect
CVE-2023-7233 2024-02-12 GigPress <= 2.3.29 - Admin+ Stored Cross Site Scripting
CVE-2024-0420 2024-02-12 MapPress Maps for WordPress < 2.88.15 - Contributor+ Stored XSS
CVE-2023-6499 2024-02-12 lasTunes <= 3.6.1 - Settings Update via CSRF
CVE-2024-0248 2024-02-12 EazyDocs < 2.4.0 - Subscriber+ Arbitrary Posts Deletion and Document Management
CVE-2024-0566 2024-02-12 Smart Manager < 8.28.0 - Admin+ SQL Injection
CVE-2023-6591 2024-02-12 Popup Box Pro < 20.9.0 - Admin+ Stored XSS
CVE-2023-6082 2024-02-12 Chart.js for WordPress <= 2023.2 - Editor+ Stored Cross-Site Scripting
CVE-2023-6036 2024-02-12 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
CVE-2023-6294 2024-02-12 popup-builder < 4.2.6 - Admin+ SSRF & File Read
CVE-2023-6081 2024-02-12 Chart.js for WordPress <= 2023.2 - Editor+ Stored Cross-Site Scripting in New Chart
CVE-2022-38714 2024-02-12 IBM DataStage on Cloud Pak for Data information disclosure
CVE-2022-34310 2024-02-12 IBM CICS TX information disclosure
CVE-2024-0170 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2022-34311 2024-02-12 IBM CICS TX session fixation
CVE-2024-0169 2024-02-12 Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization...
CVE-2024-0168 2024-02-12 Dell Unity, versions prior to 5.4, contains a Command Injection...
CVE-2024-0167 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-0166 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-0165 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-0164 2024-02-12 Dell Unity, versions prior to 5.4, contain an OS Command...
CVE-2024-22227 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-22228 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-22230 2024-02-12 Dell Unity, versions prior to 5.4, contains a Cross-site scripting...
CVE-2024-22224 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-22225 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2024-22226 2024-02-12 Dell Unity, versions prior to 5.4, contain a path traversal...
CVE-2024-22221 2024-02-12 Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability....
CVE-2024-22222 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2022-34309 2024-02-12 IBM CICS TX information disclosure
CVE-2024-22223 2024-02-12 Dell Unity, versions prior to 5.4, contains an OS Command...
CVE-2022-22506 2024-02-12 IBM Robotic Process Automation information disclosure
CVE-2021-4437 2024-02-12 dbartholomae lambda-middleware frameguard JSON Mime-Type JsonDeserializer.ts redos
CVE-2024-25110 2024-02-12 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
CVE-2024-25108 2024-02-12 Insufficient authorization allowing elevated access to resources in pixelfed
CVE-2024-23833 2024-02-12 OpenRefine JDBC Attack Vulnerability
CVE-2024-1459 2024-02-12 Undertow: directory traversal vulnerability
CVE-2024-1250 2024-02-12 Privilege Chaining in GitLab
CVE-2024-25112 2024-02-12 Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2
CVE-2024-24826 2024-02-12 Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2
CVE-2024-1454 2024-02-12 Opensc: memory use after free in authentic driver when updating token info
CVE-2023-28018 2024-02-12 HCL Connections s vulnerable to possible denial of service for certain users
CVE-2022-48623 2024-02-13 The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses...
CVE-2023-26562 2024-02-13 In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account...
CVE-2023-50808 2024-02-13 Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based...
CVE-2023-38960 2024-02-13 Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build...
CVE-2023-42374 2024-02-13 An issue in mystenlabs Sui Blockchain before v.1.6.3 allow a...
CVE-2023-45206 2024-02-13 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0,...
CVE-2023-45207 2024-02-13 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0,...
CVE-2023-48432 2024-02-13 An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0,...
CVE-2023-49339 2024-02-13 Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via...
CVE-2023-52059 2024-02-13 A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers...
CVE-2023-52060 2024-02-13 A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers...
CVE-2023-52431 2024-02-13 The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to...
CVE-2024-22923 2024-02-13 SQL injection vulnerability in adv radius v.2.2.5 allows a local...
CVE-2024-24142 2024-02-13 Sourcecodester School Task Manager 1.0 allows SQL Injection via the...
CVE-2024-25407 2024-02-13 SteVe v3.6.0 was discovered to use predictable transaction ID's when...
CVE-2024-22126 2024-02-13 Cross Site Scripting vulnerability in SAP NetWeaver AS Java (User Admin Application)
CVE-2024-22128 2024-02-13 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML
CVE-2024-22130 2024-02-13 Cross-Site Scripting (XSS) vulnerability in SAP CRM WebClient UI
CVE-2024-22131 2024-02-13 Code Injection vulnerability in SAP ABA (Application Basis)
CVE-2024-22132 2024-02-13 Code Injection vulnerability in SAP IDES Systems
CVE-2024-24739 2024-02-13 Missing authorization check in SAP BAM (Bank Account Management)
CVE-2024-24740 2024-02-13 Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (SAP Kernel)
CVE-2024-24742 2024-02-13 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)
CVE-2024-24743 2024-02-13 XXE vulnerability in SAP NetWeaver AS Java (Guided Procedures)
CVE-2023-47218 2024-02-13 QTS, QuTS hero, QuTScloud
CVE-2024-25642 2024-02-13 Improper Certificate Validation in SAP Cloud Connector
CVE-2023-50358 2024-02-13 QTS, QuTS hero, QuTScloud
CVE-2024-25643 2024-02-13 Missing authorization check in SAP Fiori app (My Overtime Requests)