Lista CVE - 2024 / Aprile
Visualizzazione 1501 - 1600 di 3606 CVE per Aprile 2024 (Pagina 16 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-31230 | 2024-04-10 | WordPress ShortPixel Adaptive Images plugin <= 3.8.2 - Broken Access Control vulnerability |
| CVE-2024-31242 | 2024-04-10 | WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary Email Sending vulnerability |
| CVE-2024-31464 | 2024-04-10 | XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted |
| CVE-2024-3157 | 2024-04-10 | Out of bounds memory access in Compositing in Google Chrome... |
| CVE-2024-3516 | 2024-04-10 | Heap buffer overflow in ANGLE in Google Chrome prior to... |
| CVE-2024-3515 | 2024-04-10 | Use after free in Dawn in Google Chrome prior to... |
| CVE-2024-31386 | 2024-04-10 | Multiple WordPress themes affected by Cross-Site Request Forgery vulnerability |
| CVE-2021-47181 | 2024-04-10 | usb: musb: tusb6010: check return value after calling platform_get_resource() |
| CVE-2021-47182 | 2024-04-10 | scsi: core: Fix scsi_mode_sense() buffer length handling |
| CVE-2021-47183 | 2024-04-10 | scsi: lpfc: Fix link down processing to address NULL pointer dereference |
| CVE-2021-47184 | 2024-04-10 | i40e: Fix NULL ptr dereference on VSI filter sync |
| CVE-2021-47185 | 2024-04-10 | tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc |
| CVE-2021-47186 | 2024-04-10 | tipc: check for null after calling kmemdup |
| CVE-2021-47187 | 2024-04-10 | arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency |
| CVE-2021-47188 | 2024-04-10 | scsi: ufs: core: Improve SCSI abort handling |
| CVE-2021-47189 | 2024-04-10 | btrfs: fix memory ordering between normal and ordered work functions |
| CVE-2021-47190 | 2024-04-10 | perf bpf: Avoid memory leak from perf_env__insert_btf() |
| CVE-2021-47191 | 2024-04-10 | scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() |
| CVE-2021-47192 | 2024-04-10 | scsi: core: sysfs: Fix hang when device state is set via sysfs |
| CVE-2021-47193 | 2024-04-10 | scsi: pm80xx: Fix memory leak during rmmod |
| CVE-2021-47194 | 2024-04-10 | cfg80211: call cfg80211_stop_ap when switch from P2P_GO type |
| CVE-2021-47195 | 2024-04-10 | spi: fix use-after-free of the add_lock mutex |
| CVE-2021-47196 | 2024-04-10 | RDMA/core: Set send and receive CQ before forwarding to the driver |
| CVE-2021-47197 | 2024-04-10 | net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() |
| CVE-2021-47198 | 2024-04-10 | scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine |
| CVE-2021-47199 | 2024-04-10 | net/mlx5e: CT, Fix multiple allocations and memleak of mod acts |
| CVE-2021-47200 | 2024-04-10 | drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap |
| CVE-2021-47201 | 2024-04-10 | iavf: free q_vectors before queues in iavf_disable_vf |
| CVE-2021-47202 | 2024-04-10 | thermal: Fix NULL pointer dereferences in of_thermal_ functions |
| CVE-2021-47203 | 2024-04-10 | scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() |
| CVE-2021-47204 | 2024-04-10 | net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove |
| CVE-2021-47205 | 2024-04-10 | clk: sunxi-ng: Unregister clocks/resets when unbinding |
| CVE-2021-47206 | 2024-04-10 | usb: host: ohci-tmio: check return value after calling platform_get_resource() |
| CVE-2021-47207 | 2024-04-10 | ALSA: gus: fix null pointer dereference on pointer block |
| CVE-2021-47209 | 2024-04-10 | sched/fair: Prevent dead task groups from regaining cfs_rq's |
| CVE-2021-47210 | 2024-04-10 | usb: typec: tipd: Remove WARN_ON in tps6598x_block_read |
| CVE-2021-47211 | 2024-04-10 | ALSA: usb-audio: fix null pointer dereference on pointer cs_desc |
| CVE-2021-47212 | 2024-04-10 | net/mlx5: Update error handler for UCTX and UMEM |
| CVE-2021-47214 | 2024-04-10 | hugetlb, userfaultfd: fix reservation restore on userfaultfd error |
| CVE-2021-47215 | 2024-04-10 | net/mlx5e: kTLS, Fix crash in RX resync flow |
| CVE-2021-47216 | 2024-04-10 | scsi: advansys: Fix kernel pointer leak |
| CVE-2021-47217 | 2024-04-10 | x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails |
| CVE-2021-47218 | 2024-04-10 | selinux: fix NULL-pointer dereference when hashtab allocation fails |
| CVE-2021-47219 | 2024-04-10 | scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() |
| CVE-2024-31430 | 2024-04-10 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins |
| CVE-2024-31465 | 2024-04-10 | XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet |
| CVE-2024-31939 | 2024-04-10 | WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-31981 | 2024-04-10 | XWiki Platform: Privilege escalation (PR) from user registration through PDFClass |
| CVE-2024-31982 | 2024-04-10 | XWiki Platform: Remote code execution as guest via DatabaseSearch |
| CVE-2024-31983 | 2024-04-10 | XWiki Platform: Remote code execution from edit in multilingual wikis via translations |
| CVE-2024-31984 | 2024-04-10 | XWiki Platform: Remote code execution through space title and Solr space facet |
| CVE-2024-31985 | 2024-04-10 | XWiki Platform CSRF in the job scheduler |
| CVE-2024-31986 | 2024-04-10 | XWiki Platform CSRF remote code execution through scheduler job's document reference |
| CVE-2024-31987 | 2024-04-10 | XWiki Platform remote code execution from account via custom skins support |
| CVE-2024-1481 | 2024-04-10 | Freeipa: specially crafted http requests potentially lead to denial of service |
| CVE-2024-31988 | 2024-04-10 | XWiki Platform CSRF remote code execution through the realtime HTML Converter API |
| CVE-2024-31996 | 2024-04-10 | XWiki Commons missing escaping of `{` in Velocity escapetool allows remote code execution |
| CVE-2024-31997 | 2024-04-10 | XWiki Platform remote code execution from account through UIExtension parameters |
| CVE-2024-31995 | 2024-04-10 | zcap has incomplete expiration checks in capability chains. |
| CVE-2024-31999 | 2024-04-10 | @fastify/secure-session: Reuse of destroyed secure session cookie |
| CVE-2024-32001 | 2024-04-10 | SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used |
| CVE-2024-29902 | 2024-04-10 | Cosign vulnerable to system-wide denial of service via malicious attachments |
| CVE-2024-29903 | 2024-04-10 | Cosign vulnerable to machine-wide denial of service via malicious artifacts |
| CVE-2024-3612 | 2024-04-10 | SourceCodester Warehouse Management System barang.php cross site scripting |
| CVE-2023-29483 | 2024-04-11 | eventlet before 0.35.2, as used in dnspython before 2.6.0, allows... |
| CVE-2023-48865 | 2024-04-11 | An issue discovered in Reportico Till 8.1.0 allows attackers to... |
| CVE-2024-22717 | 2024-04-11 | Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows... |
| CVE-2024-22719 | 2024-04-11 | SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to... |
| CVE-2024-22721 | 2024-04-11 | Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1... |
| CVE-2024-22722 | 2024-04-11 | Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1... |
| CVE-2024-25852 | 2024-04-11 | Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution... |
| CVE-2024-27592 | 2024-04-11 | Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers... |
| CVE-2024-28458 | 2024-04-11 | Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows... |
| CVE-2024-29399 | 2024-04-11 | An issue was discovered in GNU Savane v.3.13 and before,... |
| CVE-2024-30878 | 2024-04-11 | A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote... |
| CVE-2024-30879 | 2024-04-11 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows... |
| CVE-2024-30880 | 2024-04-11 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows... |
| CVE-2024-30883 | 2024-04-11 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows... |
| CVE-2024-30884 | 2024-04-11 | Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811,... |
| CVE-2024-30885 | 2024-04-11 | Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote... |
| CVE-2024-30917 | 2024-04-11 | An issue was discovered in eProsima FastDDS v.2.14.0 and before,... |
| CVE-2024-31678 | 2024-04-11 | Sourcecodester Loan Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2024-22718 | 2024-04-11 | Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows... |
| CVE-2024-25376 | 2024-04-11 | An issue discovered in Thesycon Software Solutions Gmbh & Co.... |
| CVE-2024-30915 | 2024-04-11 | An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a... |
| CVE-2024-30916 | 2024-04-11 | An issue was discovered in eProsima FastDDS v.2.14.0 and before,... |
| CVE-2024-3613 | 2024-04-11 | SourceCodester Warehouse Management System supplier.php cross site scripting |
| CVE-2024-3614 | 2024-04-11 | SourceCodester Warehouse Management System customer.php cross site scripting |
| CVE-2024-3616 | 2024-04-11 | SourceCodester Warehouse Management System pengguna.php cross site scripting |
| CVE-2024-3652 | 2024-04-11 | IKEv1 default AH/ESP responder can cause libreswan to abort and restart |
| CVE-2023-6811 | 2024-04-11 | The Language Translate Widget for WordPress – ConveyThis plugin for... |
| CVE-2024-3617 | 2024-04-11 | SourceCodester Kortex Lite Advocate Office Management System deactivate_case.php sql injection |
| CVE-2024-29220 | 2024-04-11 | Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability... |
| CVE-2024-26019 | 2024-04-11 | Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability... |
| CVE-2024-25572 | 2024-04-11 | Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior... |
| CVE-2024-3618 | 2024-04-11 | SourceCodester Kortex Lite Advocate Office Management System activate_case.php sql injection |
| CVE-2024-3619 | 2024-04-11 | SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php sql injection |
| CVE-2024-3620 | 2024-04-11 | SourceCodester Kortex Lite Advocate Office Management System adds.php sql injection |
| CVE-2024-3621 | 2024-04-11 | SourceCodester Kortex Lite Advocate Office Management System register_case.php sql injection |
| CVE-2024-21508 | 2024-04-11 | Versions of the package mysql2 before 3.9.4 are vulnerable to... |