Lista CVE - 2024 / Aprile
Visualizzazione 1001 - 1100 di 3605 CVE per Aprile 2024 (Pagina 11 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-2224 | 2024-04-09 | Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466) |
| CVE-2023-6317 | 2024-04-09 | PIN/prompt bypass on the secondscreen.gateway service allows access to the SSAP API without user interaction |
| CVE-2023-6318 | 2024-04-09 | Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service |
| CVE-2023-6319 | 2024-04-09 | Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service |
| CVE-2023-6320 | 2024-04-09 | Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint |
| CVE-2024-28190 | 2024-04-09 | Contao core bundle vulnerable to cross site scripting in the file manager |
| CVE-2024-28191 | 2024-04-09 | Contao may have unencoded insert tags in the frontend |
| CVE-2024-28234 | 2024-04-09 | Contao has insufficient BBCode sanitizer |
| CVE-2023-49906 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49907 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49908 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49909 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49910 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49911 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49912 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-49913 | 2024-04-09 | A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series... |
| CVE-2023-48724 | 2024-04-09 | A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can... |
| CVE-2023-49133 | 2024-04-09 | A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115... |
| CVE-2023-49134 | 2024-04-09 | A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115... |
| CVE-2023-49074 | 2024-04-09 | A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests... |
| CVE-2024-23662 | 2024-04-09 | An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0... |
| CVE-2023-45590 | 2024-04-09 | An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via... |
| CVE-2023-47541 | 2024-04-09 | An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through... |
| CVE-2024-23671 | 2024-04-09 | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to... |
| CVE-2023-41677 | 2024-04-09 | A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through... |
| CVE-2024-31487 | 2024-04-09 | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through... |
| CVE-2023-47540 | 2024-04-09 | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and... |
| CVE-2024-21756 | 2024-04-09 | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows... |
| CVE-2023-47542 | 2024-04-09 | A improper neutralization of special elements used in a template engine [CWE-1336] in FortiManager versions 7.4.1 and below, versions 7.2.4 and below, and 7.0.10 and below allows attacker to execute... |
| CVE-2023-48784 | 2024-04-09 | A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a... |
| CVE-2024-21755 | 2024-04-09 | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows... |
| CVE-2024-3281 | 2024-04-09 | A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. A flaw in the firmware build process did not properly restrict access to... |
| CVE-2024-28235 | 2024-04-09 | Contao possible cookie sharing with external domains while checking protected pages for broken links |
| CVE-2024-31864 | 2024-04-09 | Apache Zeppelin: Remote code execution by adding malicious JDBC connection string |
| CVE-2024-31865 | 2024-04-09 | Apache Zeppelin: Cron arbitrary user impersonation with improper privileges |
| CVE-2024-31866 | 2024-04-09 | Apache Zeppelin: Interpreter download command does not escape malicious code injection |
| CVE-2024-31868 | 2024-04-09 | Apache Zeppelin: XSS vulnerability in the helium module |
| CVE-2024-31867 | 2024-04-09 | Apache Zeppelin: LDAP search filter query Injection Vulnerability |
| CVE-2024-30262 | 2024-04-09 | Contao's remember-me tokens will not be cleared after a password change |
| CVE-2024-29905 | 2024-04-09 | DIRAC: Unauthorized users can read proxy contents during generation |
| CVE-2024-31455 | 2024-04-09 | Minder GetRepositoryByName data leak |
| CVE-2024-20669 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-20688 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-20689 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-21409 | 2024-04-09 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-21424 | 2024-04-09 | Azure Compute Gallery Elevation of Privilege Vulnerability |
| CVE-2024-26250 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-26252 | 2024-04-09 | Windows rndismp6.sys Remote Code Execution Vulnerability |
| CVE-2024-26253 | 2024-04-09 | Windows rndismp6.sys Remote Code Execution Vulnerability |
| CVE-2024-26254 | 2024-04-09 | Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability |
| CVE-2024-26255 | 2024-04-09 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| CVE-2024-26256 | 2024-04-09 | Libarchive Remote Code Execution Vulnerability |
| CVE-2024-26172 | 2024-04-09 | Windows DWM Core Library Information Disclosure Vulnerability |
| CVE-2024-26179 | 2024-04-09 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2024-26200 | 2024-04-09 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2024-26205 | 2024-04-09 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2024-26158 | 2024-04-09 | Microsoft Install Service Elevation of Privilege Vulnerability |
| CVE-2024-26232 | 2024-04-09 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2024-28920 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28922 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28921 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28919 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28923 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28896 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28898 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28901 | 2024-04-09 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| CVE-2024-28902 | 2024-04-09 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| CVE-2024-28903 | 2024-04-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-28905 | 2024-04-09 | Microsoft Brokering File System Elevation of Privilege Vulnerability |
| CVE-2024-28906 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28908 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28909 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28910 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28911 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28912 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28913 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28914 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28915 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28929 | 2024-04-09 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28931 | 2024-04-09 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28932 | 2024-04-09 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28936 | 2024-04-09 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28939 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28942 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-28945 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-29043 | 2024-04-09 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-29045 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-29047 | 2024-04-09 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-29050 | 2024-04-09 | Windows Cryptographic Services Remote Code Execution Vulnerability |
| CVE-2024-29063 | 2024-04-09 | Azure AI Search Information Disclosure Vulnerability |
| CVE-2024-29064 | 2024-04-09 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2024-29066 | 2024-04-09 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| CVE-2024-20685 | 2024-04-09 | Azure Private 5G Core Denial of Service Vulnerability |
| CVE-2024-29988 | 2024-04-09 | SmartScreen Prompt Security Feature Bypass Vulnerability |
| CVE-2024-29990 | 2024-04-09 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability |
| CVE-2024-20678 | 2024-04-09 | Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| CVE-2024-20665 | 2024-04-09 | BitLocker Security Feature Bypass Vulnerability |
| CVE-2024-20693 | 2024-04-09 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21322 | 2024-04-09 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2024-21323 | 2024-04-09 | Microsoft Defender for IoT Remote Code Execution Vulnerability |