Lista CVE - 2024 / Marzo
Visualizzazione 201 - 300 di 3299 CVE per Marzo 2024 (Pagina 3 di 33)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-28084 | 2024-03-03 | p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations... |
| CVE-2024-2134 | 2024-03-03 | Bdtask Hospita AutoManager Investigation Report cross-site request forgery |
| CVE-2024-2135 | 2024-03-03 | Bdtask Hospita AutoManager Hospital Activities Page form cross site scripting |
| CVE-2024-25016 | 2024-03-03 | IBM MQ denial of service |
| CVE-2024-27255 | 2024-03-03 | IBM MQ Container information disclosure |
| CVE-2023-47745 | 2024-03-03 | IBM MQ Container information disclosure |
| CVE-2023-43054 | 2024-03-03 | IBM Engineering Test Management cross-site scripting |
| CVE-2023-47742 | 2024-03-03 | IBM QRadar Suite information dislosure |
| CVE-2024-22355 | 2024-03-03 | IBM QRadar Suite information dislosure |
| CVE-2024-2145 | 2024-03-03 | SourceCodester Online Mobile Management Store update-tracker.php cross site scripting |
| CVE-2024-0765 | 2024-03-03 | Default user role exporting save state of instance |
| CVE-2024-2146 | 2024-03-03 | SourceCodester Online Mobile Management Store ?p=products cross site scripting |
| CVE-2022-43880 | 2024-03-03 | IBM QRadar WinCollect Agent |
| CVE-2023-27291 | 2024-03-03 | IBM Watson CP4D Data Stores information disclosure |
| CVE-2023-28512 | 2024-03-03 | IBM Watson CP4D Data Stores improper input validation |
| CVE-2024-2147 | 2024-03-03 | SourceCodester Online Mobile Management Store login.php sql injection |
| CVE-2024-2148 | 2024-03-03 | SourceCodester Online Mobile Management Store Users.php unrestricted upload |
| CVE-2024-2149 | 2024-03-03 | CodeAstro Membership Management System settings.php sql injection |
| CVE-2024-2150 | 2024-03-03 | SourceCodester Insurance Management System file inclusion |
| CVE-2024-2151 | 2024-03-03 | SourceCodester Online Mobile Management Store Product Price logic error |
| CVE-2023-49546 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php. |
| CVE-2023-49547 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customer_support/ajax.php?action=login. |
| CVE-2023-49548 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user. |
| CVE-2023-49968 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php. |
| CVE-2023-49969 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer. |
| CVE-2023-49970 | 2024-03-04 | Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customer_support/ajax.php?action=save_ticket. |
| CVE-2024-25164 | 2024-03-04 | iA Path Traversal vulnerability exists in iDURAR v2.0.0, that allows unauthenticated attackers to expose sensitive files via the download functionality. |
| CVE-2024-27680 | 2024-03-04 | Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the "Contact form." |
| CVE-2024-27684 | 2024-03-04 | A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, dlcfg.cgi, fwup.cgi and seama.cgi in D-Link GORTAC750_A1_FW_v101b03 allows remote attackers to inject arbitrary web script or HTML via the url parameter. |
| CVE-2024-27694 | 2024-03-04 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztree_category_edit. |
| CVE-2024-27718 | 2024-03-04 | SQL Injection vulnerability in Baizhuo Network Smart s200 Management Platform v.S200 allows a local attacker to obtain sensitive information and escalate privileges via the /importexport.php component. |
| CVE-2024-25731 | 2024-03-04 | The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker... |
| CVE-2024-27668 | 2024-03-04 | Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custom Blocks.' |
| CVE-2024-2152 | 2024-03-04 | SourceCodester Online Mobile Management Store manage_product.php sql injection |
| CVE-2024-2153 | 2024-03-04 | SourceCodester Online Mobile Management Store view_order.php sql injection |
| CVE-2024-2154 | 2024-03-04 | SourceCodester Online Mobile Management Store view_product.php sql injection |
| CVE-2024-2155 | 2024-03-04 | SourceCodester Best POS Management System index.php file inclusion |
| CVE-2024-2156 | 2024-03-04 | SourceCodester Best POS Management System admin_class.php sql injection |
| CVE-2024-20017 | 2024-03-04 | In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User... |
| CVE-2024-20020 | 2024-03-04 | In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2024-20018 | 2024-03-04 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2024-20019 | 2024-03-04 | In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2024-20005 | 2024-03-04 | In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2024-20022 | 2024-03-04 | In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20023 | 2024-03-04 | In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20024 | 2024-03-04 | In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20025 | 2024-03-04 | In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20026 | 2024-03-04 | In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... |
| CVE-2024-20027 | 2024-03-04 | In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20028 | 2024-03-04 | In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20030 | 2024-03-04 | In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... |
| CVE-2024-20031 | 2024-03-04 | In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20029 | 2024-03-04 | In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2024-20032 | 2024-03-04 | In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2024-20033 | 2024-03-04 | In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not... |
| CVE-2024-20034 | 2024-03-04 | In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2024-20036 | 2024-03-04 | In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... |
| CVE-2024-20037 | 2024-03-04 | In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is... |
| CVE-2024-20038 | 2024-03-04 | In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction... |
| CVE-2023-25176 | 2024-03-04 | Pasteboard has an out-of-bounds read vulnerability |
| CVE-2023-46708 | 2024-03-04 | Wlan has a use after free vulnerability |
| CVE-2023-49602 | 2024-03-04 | Arkui has a type confusion vulnerability |
| CVE-2024-21816 | 2024-03-04 | Background task manager has an improper preservation of permissions vulnerability |
| CVE-2024-21826 | 2024-03-04 | Huks has an insecure storage of sensitive information vulnerability |
| CVE-2024-26622 | 2024-03-04 | tomoyo: fix UAF write bug in tomoyo_write_control() |
| CVE-2023-4479 | 2024-03-04 | Stored XSS Vulnerability in M-Files Web |
| CVE-2023-6143 | 2024-03-04 | Mali GPU Kernel Driver allows improper GPU memory processing operations |
| CVE-2023-28578 | 2024-03-04 | Improper Input Validation in Services |
| CVE-2023-28582 | 2024-03-04 | Buffer Copy Without Checking Size of Input in Data Modem |
| CVE-2023-33066 | 2024-03-04 | Use of Out-of-range Pointer Offset in Audio |
| CVE-2023-33078 | 2024-03-04 | Buffer Over-read in DSP Services |
| CVE-2023-33084 | 2024-03-04 | Improper Release of Memory Before Removing Last Reference in Data Modem |
| CVE-2023-33086 | 2024-03-04 | Improper Release of Memory Before Removing Last Reference in Data Modem |
| CVE-2023-33090 | 2024-03-04 | Buffer Over-read in Audio |
| CVE-2023-33095 | 2024-03-04 | Reachable Assertion in Multi-Mode Call Processor |
| CVE-2023-33096 | 2024-03-04 | Reachable Assertion in Multi-Mode Call Processor |
| CVE-2023-33103 | 2024-03-04 | Improper Input Validation in Multi-Mode Call Processor |
| CVE-2023-33104 | 2024-03-04 | Improper input Validation in Multi-Mode Call Processor |
| CVE-2023-33105 | 2024-03-04 | Configuration Issue in WLAN Host and Firmware |
| CVE-2023-43539 | 2024-03-04 | Buffer Over-read in WLAN Firmware |
| CVE-2023-43540 | 2024-03-04 | Buffer Copy Without Checking Size of Input in Bluetooth HOST |
| CVE-2023-43541 | 2024-03-04 | NULL Pointer Dereference in Windows Graphics |
| CVE-2023-43546 | 2024-03-04 | Use After Free in Automotive Multimedia |
| CVE-2023-43547 | 2024-03-04 | Use After Free in Automotive Multimedia |
| CVE-2023-43548 | 2024-03-04 | Buffer Copy Without Checking Size of Input in Video |
| CVE-2023-43549 | 2024-03-04 | Stack-based Buffer Overflow in WLAN HAL |
| CVE-2023-43550 | 2024-03-04 | Integer Overflow or Wraparound in Core Services |
| CVE-2023-43552 | 2024-03-04 | Use After Free in WLAN Host Communication |
| CVE-2023-43553 | 2024-03-04 | Use of Out-of-range Pointer Offset in WLAN HOST |
| CVE-2023-6241 | 2024-03-04 | Mali GPU Kernel Driver allows improper GPU memory processing operations |
| CVE-2024-0156 | 2024-03-04 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. |
| CVE-2024-0155 | 2024-03-04 | Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to application crash or execution of... |
| CVE-2024-22452 | 2024-03-04 | Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the... |
| CVE-2024-22463 | 2024-03-04 | Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of... |
| CVE-2024-24901 | 2024-03-04 | Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded... |
| CVE-2022-43890 | 2024-03-04 | IBM Security Verify Privilege On-Premises information disclosure |
| CVE-2023-5451 | 2024-03-04 | Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation... |
| CVE-2023-38362 | 2024-03-04 | IBM CICS TX information disclosure |
| CVE-2024-27198 | 2024-03-04 | In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible |
| CVE-2024-27199 | 2024-03-04 | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible |