Lista CVE - 2024 / Aprile
Visualizzazione 2801 - 2900 di 3606 CVE per Aprile 2024 (Pagina 29 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-4014 | 2024-04-20 | The hCaptcha for WordPress plugin for WordPress is vulnerable to... |
| CVE-2024-4019 | 2024-04-20 | Byzoro Smart S80 Management Platform importhtml.php deserialization |
| CVE-2024-4020 | 2024-04-20 | Tenda FH1206 addressNat fromAddressNat buffer overflow |
| CVE-2024-4021 | 2024-04-21 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Configuration Setting ndmComponents.js information disclosure |
| CVE-2024-4022 | 2024-04-21 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure |
| CVE-2024-29217 | 2024-04-21 | Apache Answer: XSS vulnerability when changing personal website |
| CVE-2024-29733 | 2024-04-21 | Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context |
| CVE-2015-10132 | 2024-04-21 | Thimo Grauerholz WP-Spreadplugin spreadplugin.php cross site scripting |
| CVE-2022-34560 | 2024-04-22 | A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers... |
| CVE-2022-34561 | 2024-04-22 | A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers... |
| CVE-2022-34562 | 2024-04-22 | A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers... |
| CVE-2022-35503 | 2024-04-22 | Improper verification of a user input in Open Source MANO... |
| CVE-2022-46897 | 2024-04-22 | An issue was discovered in Insyde InsydeH2O with kernel 5.0... |
| CVE-2023-38290 | 2024-04-22 | Certain software builds for the BLU View 2 and Sharp... |
| CVE-2023-38291 | 2024-04-22 | An issue was discovered in a third-party component related to... |
| CVE-2023-38292 | 2024-04-22 | Certain software builds for the TCL 20XE Android device contain... |
| CVE-2023-38293 | 2024-04-22 | Certain software builds for the Nokia C200 and Nokia C100... |
| CVE-2023-38294 | 2024-04-22 | Certain software builds for the Itel Vision 3 Turbo Android... |
| CVE-2023-38295 | 2024-04-22 | Certain software builds for the TCL 30Z and TCL 10... |
| CVE-2023-38296 | 2024-04-22 | Various software builds for the following TCL 30Z and TCL... |
| CVE-2023-38298 | 2024-04-22 | Various software builds for the following TCL devices (30Z, A3X,... |
| CVE-2023-38299 | 2024-04-22 | Various software builds for the AT&T Calypso, Nokia C100, Nokia... |
| CVE-2023-38300 | 2024-04-22 | A certain software build for the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys)... |
| CVE-2023-38301 | 2024-04-22 | An issue was discovered in a third-party component related to... |
| CVE-2024-22807 | 2024-04-22 | An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6... |
| CVE-2024-22808 | 2024-04-22 | An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6... |
| CVE-2024-22809 | 2024-04-22 | Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller... |
| CVE-2024-22813 | 2024-04-22 | An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6... |
| CVE-2024-22815 | 2024-04-22 | An issue in the communication protocol of Tormach xsTECH CNC... |
| CVE-2024-22856 | 2024-04-22 | A SQL injection vulnerability via the Save Favorite Search function... |
| CVE-2024-27574 | 2024-04-22 | SQL Injection vulnerability in Trainme Academy version Ichin v.1.3.2 allows... |
| CVE-2024-28436 | 2024-04-22 | Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310,... |
| CVE-2024-28699 | 2024-04-22 | A buffer overflow vulnerability in pdf2json v0.70 allows a local... |
| CVE-2024-28717 | 2024-04-22 | An issue in OpenStack Storlets yoga-eom allows a remote attacker... |
| CVE-2024-28722 | 2024-04-22 | Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2... |
| CVE-2024-29368 | 2024-04-22 | An arbitrary file upload vulnerability in the file handling module... |
| CVE-2024-29376 | 2024-04-22 | Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2024-29661 | 2024-04-22 | A File Upload vulnerability in DedeCMS v5.7 allows a local... |
| CVE-2024-30799 | 2024-04-22 | An issue in PX4 Autopilot v1.14 and before allows a... |
| CVE-2024-31036 | 2024-04-22 | A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7... |
| CVE-2024-31545 | 2024-04-22 | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2024-32238 | 2024-04-22 | H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password... |
| CVE-2024-32368 | 2024-04-22 | Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG... |
| CVE-2024-32394 | 2024-04-22 | An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows... |
| CVE-2024-32399 | 2024-04-22 | Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before... |
| CVE-2024-32407 | 2024-04-22 | An issue in inducer relate before v.2024.1 allows a remote... |
| CVE-2024-32418 | 2024-04-22 | An issue in flusity CMS v2.33 allows a remote attacker... |
| CVE-2023-38297 | 2024-04-22 | An issue was discovered in a third-party com.factory.mmigroup component, shipped... |
| CVE-2023-38302 | 2024-04-22 | A certain software build for the Sharp Rouvo V device... |
| CVE-2024-22811 | 2024-04-22 | An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6... |
| CVE-2024-31666 | 2024-04-22 | An issue in flusity-CMS v.2.33 allows a remote attacker to... |
| CVE-2024-32405 | 2024-04-22 | Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows... |
| CVE-2018-25101 | 2024-04-22 | l2c2technologies Koha opac-MARCdetail.pl cross site scripting |
| CVE-2023-7252 | 2024-04-22 | Tickera < 3.5.2.5 - Ticket leakage through IDOR |
| CVE-2024-32690 | 2024-04-22 | WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32694 | 2024-04-22 | WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32695 | 2024-04-22 | WordPress Language Switcher for Transposh plugin <= 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32696 | 2024-04-22 | WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32697 | 2024-04-22 | WordPress HelloAsso plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32698 | 2024-04-22 | WordPress Happy Addons for Elementor plugin <= 3.10.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32693 | 2024-04-22 | WordPress Automatic plugin < 3.93.0 - Multiple Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-32691 | 2024-04-22 | WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.2 - Broken Access Control vulnerability |
| CVE-2024-32688 | 2024-04-22 | WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability |
| CVE-2024-32687 | 2024-04-22 | WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vulnerability |
| CVE-2024-32684 | 2024-04-22 | WordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerability |
| CVE-2024-32682 | 2024-04-22 | WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability |
| CVE-2024-32681 | 2024-04-22 | WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability |
| CVE-2024-4026 | 2024-04-22 | Cross-Site Scripting in the Holded application |
| CVE-2024-3645 | 2024-04-22 | The Essential Addons for Elementor Pro plugin for WordPress is... |
| CVE-2024-27347 | 2024-04-22 | Apache HugeGraph-Hubble: SSRF in Hubble connection page |
| CVE-2024-27348 | 2024-04-22 | Apache HugeGraph-Server: Command execution in gremlin |
| CVE-2024-27349 | 2024-04-22 | Apache HugeGraph-Server: Bypass whitelist in Auth mode |
| CVE-2024-4040 | 2024-04-22 | Unauthenticated arbitrary file read and remote code execution in CrushFTP |
| CVE-2024-32039 | 2024-04-22 | FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data |
| CVE-2024-32040 | 2024-04-22 | FreeRDP vulnerable to integer underflow in nsc_rle_decode |
| CVE-2024-32041 | 2024-04-22 | FreeRDP OutOfBound Read in zgfx_decompress_segment |
| CVE-2024-32458 | 2024-04-22 | FreeRDP Out-Of-Bounds Read in planar_skip_plane_rle |
| CVE-2024-32459 | 2024-04-22 | FreeRDP Out-Of-Bounds Read in ncrush_decompress |
| CVE-2024-32460 | 2024-04-22 | FreeRDP Out-Of-Bounds Read in interleaved_decompress |
| CVE-2024-32461 | 2024-04-22 | LibreNMS vulnerable to time-based SQL injection that leads to database extraction |
| CVE-2024-32479 | 2024-04-22 | LibreNMS's Improper Sanitization on Service template name leads to Stored XSS |
| CVE-2024-32480 | 2024-04-22 | LibreNMS's Time-Based Blind SQL injection leads to database extraction |
| CVE-2024-32653 | 2024-04-22 | Insufficient input filtering of "package name" allows command execution in the device with shell privileges |
| CVE-2024-32656 | 2024-04-22 | Ant Media Server vulnerable to local privilege escalation |
| CVE-2024-32657 | 2024-04-22 | Hydra has persistent XSS vulnerability serving HTML build outputs |
| CVE-2024-3177 | 2024-04-22 | Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin |
| CVE-2023-48183 | 2024-04-23 | QuickJS before c4cdd61 has a build_for_in_iterator NULL pointer dereference because... |
| CVE-2023-48184 | 2024-04-23 | QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of... |
| CVE-2024-28627 | 2024-04-23 | An issue in Flipsnack v.18/03/2024 allows a local attacker to... |
| CVE-2024-30800 | 2024-04-23 | PX4 Autopilot v.1.14 allows an attacker to fly the drone... |
| CVE-2024-30886 | 2024-04-23 | A stored cross-site scripting (XSS) vulnerability in the remotelink function... |
| CVE-2024-31616 | 2024-04-23 | An issue discovered in RG-RSR10-01G-T(W)-S and RG-RSR10-01G-T(WA)-S routers with firmware... |
| CVE-2024-31804 | 2024-04-23 | An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02... |
| CVE-2024-32258 | 2024-04-23 | The network server of fceux 2.7.0 has a path traversal... |
| CVE-2024-33211 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |
| CVE-2024-33212 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |
| CVE-2024-33213 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |
| CVE-2024-33214 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |
| CVE-2024-33215 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |
| CVE-2024-33217 | 2024-04-23 | Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer... |