Lista CVE - 2024 / Aprile
Visualizzazione 101 - 200 di 3606 CVE per Aprile 2024 (Pagina 2 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-3141 | 2024-04-01 | Clavister E10/E80 Misc Settings Page MiscSettings cross site scripting |
| CVE-2024-27333 | 2024-04-01 | Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27334 | 2024-04-01 | Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-22780 | 2024-04-02 | Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a... |
| CVE-2024-25075 | 2024-04-02 | An issue was discovered in Softing uaToolkit Embedded before 1.41.1.... |
| CVE-2024-25187 | 2024-04-02 | Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows... |
| CVE-2024-27602 | 2024-04-02 | Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total... |
| CVE-2024-28287 | 2024-04-02 | A DOM-based open redirection in the returnUrl parameter of INSTINCT... |
| CVE-2024-29276 | 2024-04-02 | An issue was discovered in seeyonOA version 8, allows remote... |
| CVE-2024-29432 | 2024-04-02 | Alldata v0.4.6 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-29514 | 2024-04-02 | File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated... |
| CVE-2024-30621 | 2024-04-02 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName... |
| CVE-2024-30806 | 2024-04-02 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a... |
| CVE-2024-30807 | 2024-04-02 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a... |
| CVE-2024-30808 | 2024-04-02 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a... |
| CVE-2024-30809 | 2024-04-02 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a... |
| CVE-2024-30946 | 2024-04-02 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-30965 | 2024-04-02 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-31002 | 2024-04-02 | Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote... |
| CVE-2024-27604 | 2024-04-02 | Alldata V0.4.6 is vulnerable to Command execution vulnerability. System commands... |
| CVE-2024-27605 | 2024-04-02 | Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (test)... |
| CVE-2024-29434 | 2024-04-02 | An issue in the system image upload interface of Alldata... |
| CVE-2024-30620 | 2024-04-02 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName... |
| CVE-2024-31003 | 2024-04-02 | Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote... |
| CVE-2024-31004 | 2024-04-02 | An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker... |
| CVE-2024-31005 | 2024-04-02 | An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker... |
| CVE-2024-3142 | 2024-04-02 | Clavister E10/E80 Setting cross-site request forgery |
| CVE-2024-3143 | 2024-04-02 | DedeCMS member_rank.php cross-site request forgery |
| CVE-2024-3137 | 2024-04-02 | Improper Privilege Management in uvdesk/community-skeleton |
| CVE-2024-3144 | 2024-04-02 | DedeCMS makehtml_spec.php cross-site request forgery |
| CVE-2024-3145 | 2024-04-02 | DedeCMS makehtml_js_action.php cross-site request forgery |
| CVE-2024-3146 | 2024-04-02 | DedeCMS makehtml_rss_action.php cross-site request forgery |
| CVE-2024-3147 | 2024-04-02 | DedeCMS makehtml_map.php cross-site request forgery |
| CVE-2024-3148 | 2024-04-02 | DedeCMS makehtml_archives_action.php sql injection |
| CVE-2024-3160 | 2024-04-02 | Intelbras HDCVI 1016 HTTP GET Request cap.js information disclosure |
| CVE-2024-20842 | 2024-04-02 | Improper Input Validation vulnerability in handling apdu of libsec-ril prior... |
| CVE-2024-20843 | 2024-04-02 | Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior... |
| CVE-2024-20844 | 2024-04-02 | Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior... |
| CVE-2024-20845 | 2024-04-02 | Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to... |
| CVE-2024-20846 | 2024-04-02 | Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to... |
| CVE-2024-20847 | 2024-04-02 | Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024... |
| CVE-2024-20848 | 2024-04-02 | Improper Input Validation vulnerability in text parsing implementation of libsdffextractor... |
| CVE-2024-20849 | 2024-04-02 | Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior... |
| CVE-2024-20850 | 2024-04-02 | Use of Implicit Intent for Sensitive Communication in Samsung Pay... |
| CVE-2024-20851 | 2024-04-02 | Improper access control vulnerability in Samsung Data Store prior to... |
| CVE-2024-20852 | 2024-04-02 | Improper verification of intent by broadcast receiver vulnerability in SmartThings... |
| CVE-2024-20853 | 2024-04-02 | Improper verification of intent by broadcast receiver vulnerability in ThemeStore... |
| CVE-2024-20854 | 2024-04-02 | Improper handling of insufficient privileges vulnerability in Samsung Camera prior... |
| CVE-2024-2369 | 2024-04-02 | Page Builder Gutenberg Blocks < 3.1.7 - Contributor+ Stored XSS |
| CVE-2024-1274 | 2024-04-02 | My Calendar < 3.4.24 - Authenticated Stored XSS |
| CVE-2024-2791 | 2024-04-02 | The Metform Elementor Contact Form Builder plugin for WordPress is... |
| CVE-2024-2924 | 2024-04-02 | The Creative Addons for Elementor plugin for WordPress is vulnerable... |
| CVE-2024-1504 | 2024-04-02 | The SecuPress Free — WordPress Security plugin for WordPress is... |
| CVE-2024-26656 | 2024-04-02 | drm/amdgpu: fix use-after-free bug |
| CVE-2024-26657 | 2024-04-02 | drm/sched: fix null-ptr-deref in init entity |
| CVE-2023-52631 | 2024-04-02 | fs/ntfs3: Fix an NULL dereference bug |
| CVE-2024-26658 | 2024-04-02 | bcachefs: grab s_umount only if snapshotting |
| CVE-2024-26659 | 2024-04-02 | xhci: handle isoc Babble and Buffer Overrun events properly |
| CVE-2024-26660 | 2024-04-02 | drm/amd/display: Implement bounds check for stream encoder creation in DCN301 |
| CVE-2024-26661 | 2024-04-02 | drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' |
| CVE-2024-26662 | 2024-04-02 | drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' |
| CVE-2024-26663 | 2024-04-02 | tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() |
| CVE-2024-26664 | 2024-04-02 | hwmon: (coretemp) Fix out-of-bounds memory access |
| CVE-2024-26665 | 2024-04-02 | tunnels: fix out of bounds access when building IPv6 PMTU error |
| CVE-2024-26666 | 2024-04-02 | wifi: mac80211: fix RCU use in TDLS fast-xmit |
| CVE-2024-26667 | 2024-04-02 | drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup |
| CVE-2024-21834 | 2024-04-02 | Arkui has a type confusion vulnerability |
| CVE-2024-22177 | 2024-04-02 | Audio has an improper preservation of permissions vulnerability |
| CVE-2024-22098 | 2024-04-02 | AVSession has a use after free vulnerability |
| CVE-2024-22180 | 2024-04-02 | Camera has a use after free vulnerability |
| CVE-2024-29074 | 2024-04-02 | Telephony has an improper input validation vulnerability |
| CVE-2024-22092 | 2024-04-02 | Bundlemanager has an authentication bypass vulnerability |
| CVE-2024-24581 | 2024-04-02 | Arkcompiler runtime has an out-of-bounds write vulnerability |
| CVE-2024-28226 | 2024-04-02 | Fs has an improper input validation vulnerability |
| CVE-2024-28951 | 2024-04-02 | Arkcompiler runtime has a use after free vulnerability |
| CVE-2024-29086 | 2024-04-02 | Arkcompiler runtime has a stack overflow svulnerability |
| CVE-2024-26668 | 2024-04-02 | netfilter: nft_limit: reject configurations that cause integer overflow |
| CVE-2024-26669 | 2024-04-02 | net/sched: flower: Fix chain template offload |
| CVE-2024-26670 | 2024-04-02 | arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD |
| CVE-2024-2839 | 2024-04-02 | The Colibri Page Builder plugin for WordPress is vulnerable to... |
| CVE-2024-2925 | 2024-04-02 | The Beaver Builder – WordPress Page Builder plugin for WordPress... |
| CVE-2023-52632 | 2024-04-02 | drm/amdkfd: Fix lock dependency warning with srcu |
| CVE-2023-52633 | 2024-04-02 | um: time-travel: fix time corruption |
| CVE-2023-52634 | 2024-04-02 | drm/amd/display: Fix disable_otg_wa logic |
| CVE-2023-52635 | 2024-04-02 | PM / devfreq: Synchronize devfreq_monitor_[start/stop] |
| CVE-2024-26671 | 2024-04-02 | blk-mq: fix IO hang from sbitmap wakeup race |
| CVE-2024-26672 | 2024-04-02 | drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()' |
| CVE-2024-26673 | 2024-04-02 | netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations |
| CVE-2023-52636 | 2024-04-02 | libceph: just wait for more data to be available on the socket |
| CVE-2024-26674 | 2024-04-02 | x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups |
| CVE-2024-26675 | 2024-04-02 | ppp_async: limit MRU to 64K |
| CVE-2024-26676 | 2024-04-02 | af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC. |
| CVE-2024-26677 | 2024-04-02 | rxrpc: Fix delayed ACKs to not set the reference serial number |
| CVE-2024-26678 | 2024-04-02 | x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section |
| CVE-2024-26679 | 2024-04-02 | inet: read sk->sk_family once in inet_recv_error() |
| CVE-2024-26680 | 2024-04-02 | net: atlantic: Fix DMA mapping for PTP hwts ring |
| CVE-2024-26681 | 2024-04-02 | netdevsim: avoid potential loop in nsim_dev_trap_report_work() |
| CVE-2024-26682 | 2024-04-02 | wifi: mac80211: improve CSA/ECSA connection refusal |
| CVE-2024-26683 | 2024-04-02 | wifi: cfg80211: detect stuck ECSA element in probe resp |
| CVE-2024-26684 | 2024-04-02 | net: stmmac: xgmac: fix handling of DPP safety error for DMA channels |