VULNMAP - Vulnerabilità di Sicurezza

Lista CVE - 2024 / Maggio

Visualizzazione 2201 - 2300 di 4997 CVE per Maggio 2024 (Pagina 23 di 50)

ID CVE Data Titolo
CVE-2024-28760 2024-05-11 IBM App Connect Enterprise denial of service
CVE-2023-47709 2024-05-11 IBM Security Guardium command injection
CVE-2023-47712 2024-05-11 IBM Security Guardium privilege escalation
CVE-2023-47711 2024-05-11 IBM Security Guardium denial of service
CVE-2024-4790 2024-05-11 DedeCMS path traversal
CVE-2024-4791 2024-05-12 Contemporary Control System BASrouter BACnet BASRT-B Application Protocol Data Unit denial of service
CVE-2024-4792 2024-05-12 Campcodes Online Laundry Management System admin_class.php sql injection
CVE-2024-4793 2024-05-12 Campcodes Online Laundry Management System manage_laundry.php sql injection
CVE-2024-4794 2024-05-12 Campcodes Online Laundry Management System manage_receiving.php sql injection
CVE-2024-4795 2024-05-12 Campcodes Online Laundry Management System manage_user.php sql injection
CVE-2024-4796 2024-05-12 Campcodes Online Laundry Management System manage_inv.php sql injection
CVE-2024-4797 2024-05-12 Campcodes Online Laundry Management System ajax.php cross site scripting
CVE-2024-4798 2024-05-12 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection
CVE-2024-4799 2024-05-12 Kashipara College Management System view_each_faculty.php sql injection
CVE-2024-2299 2024-05-12 Stored Cross-Site Scripting (XSS) via Profile Picture Upload in parisneo/lollms-webui
CVE-2024-4800 2024-05-12 Kashipara College Management System submit_student.php sql injection
CVE-2024-4801 2024-05-12 Kashipara College Management System submit_new_faculty.php sql injection
CVE-2024-4802 2024-05-12 Kashipara College Management System submit_extracurricular_activity.php sql injection
CVE-2024-4803 2024-05-12 Kashipara College Management System submit_admin.php sql injection
CVE-2024-4804 2024-05-12 Kashipara College Management System edit_user.php sql injection
CVE-2024-4805 2024-05-12 Kashipara College Management System edit_faculty.php sql injection
CVE-2024-4806 2024-05-12 Kashipara College Management System each_extracurricula_activities.php sql injection
CVE-2024-4807 2024-05-12 Kashipara College Management System delete_user.php sql injection
CVE-2024-34459 2024-05-13 An issue was discovered in xmllint (from libxml2) before 2.11.8...
CVE-2024-35204 2024-05-13 Veritas System Recovery before 23.3_Hotfix has incorrect permissions for the...
CVE-2024-26306 2024-05-13 iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as...
CVE-2024-4808 2024-05-13 Kashipara College Management System delete_faculty.php sql injection
CVE-2024-4809 2024-05-13 SourceCodester Open Source Clinic Management System setting.php unrestricted upload
CVE-2024-35205 2024-05-13 The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android...
CVE-2024-29212 2024-05-13 Due to an unsafe de-serialization method used by the Veeam...
CVE-2023-43040 2024-05-13 IBM Spectrum Fusion HCI improper access control
CVE-2024-3239 2024-05-13 PostX < 4.0.2 - Contributor+ Stored XSS
CVE-2023-5052 2024-05-13 Cross Site Scripting (XSS) in Servidor Uniforme Zero
CVE-2024-32700 2024-05-13 WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability
CVE-2024-34749 2024-05-13 Phormer prior to version 3.35 contains a cross-site scripting vulnerability....
CVE-2024-3462 2024-05-13 Authorization bypass in Ant Media Server
CVE-2024-34811 2024-05-13 WordPress WP SMS plugin <= 6.5.1 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35172 2024-05-13 WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Server Side Request Forgery (SSRF) vulnerability
CVE-2024-34555 2024-05-13 WordPress Z-Downloads plugin <= 1.11.3 - Auth. Arbitrary File Upload vulnerability
CVE-2024-34440 2024-05-13 WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability
CVE-2024-34416 2024-05-13 WordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerability
CVE-2024-34411 2024-05-13 WordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerability
CVE-2024-31377 2024-05-13 WordPress WP Photo Album Plus plugin <= 8.7.01.001 - Unauth. Arbitrary File Upload vulnerability
CVE-2024-35171 2024-05-13 WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability
CVE-2024-35166 2024-05-13 WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability
CVE-2024-3263 2024-05-13 Improper authentication in YMS VIS Pro
CVE-2024-35165 2024-05-13 WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability
CVE-2024-34812 2024-05-13 WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability
CVE-2024-32100 2024-05-13 WordPress Easy Digital Downloads plugin <= 3.2.11 - Sensitive Data Exposure vulnerability
CVE-2024-4747 2024-05-13 WordPress Propovoice CRM plugin <= 1.7.6.2 - Cross Site Scripting (XSS) vulnerability
CVE-2024-4813 2024-05-13 Ruijie RG-UAC interface_commit.php os command injection
CVE-2024-4814 2024-05-13 Ruijie RG-UAC static_route_edit_commit.php os command injection
CVE-2024-35170 2024-05-13 WordPress Sticky banner plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35169 2024-05-13 WordPress All Bootstrap Blocks plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35167 2024-05-13 WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <=1.4.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-4067 2024-05-13 Regular Expression Denial of Service in micromatch
CVE-2024-4068 2024-05-13 Memory Exhaustion in braces
CVE-2023-52655 2024-05-13 usb: aqc111: check packet for fixup for true limit
CVE-2024-27398 2024-05-13 Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
CVE-2024-27399 2024-05-13 Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
CVE-2024-27400 2024-05-13 drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2
CVE-2024-27401 2024-05-13 firewire: nosy: ensure user_length is taken into account when fetching packet contents
CVE-2024-4815 2024-05-13 Ruijie RG-UAC detail.php os command injection
CVE-2024-4825 2024-05-13 Unrestricted Upload of File with Dangerous Type vulnerability on Cockpit CMS from Agentejo
CVE-2024-4822 2024-05-13 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
CVE-2024-4823 2024-05-13 Cross-site Scripting in School ERP Pro+Responsive by AROX SOLUTION
CVE-2024-4824 2024-05-13 SQL Injection in School ERP Pro+Responsive by AROX SOLUTION
CVE-2024-25581 2024-05-13 Transfer requests received over DoH can lead to a denial of service in DNSdist
CVE-2022-4967 2024-05-13 strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass...
CVE-2024-4816 2024-05-13 Ruijie RG-UAC gre_add_commit.php os command injection
CVE-2024-4817 2024-05-13 Campcodes Online Laundry Management System HTTP Request Parameter manage_user.php resource injection
CVE-2024-4818 2024-05-13 Campcodes Online Laundry Management System index.php file inclusion
CVE-2023-52656 2024-05-13 io_uring: drop any code related to SCM_RIGHTS
CVE-2024-35048 2024-05-13 An issue in SurveyKing v1.3.1 allows attackers to execute a...
CVE-2024-35049 2024-05-13 SurveyKing v1.3.1 was discovered to keep users' sessions active after...
CVE-2024-35050 2024-05-13 An issue in SurveyKing v1.3.1 allows attackers to escalate privileges...
CVE-2024-25641 2024-05-13 Cacti RCE vulnerability when importing packages
CVE-2024-4819 2024-05-13 Campcodes Online Laundry Management System admin_class.php improper authorization
CVE-2024-27082 2024-05-13 Cacti Cross-site Scripting vulnerability when managing trees
CVE-2024-28866 2024-05-13 GoCD vulnerable to reflected Cross-site Scripting possible on server loading page during start-up
CVE-2024-4820 2024-05-13 SourceCodester Online Computer and Laptop Store unrestricted upload
CVE-2024-29894 2024-05-13 Cacti Cross-site Scripting vulnerability when using JavaScript based messaging API
CVE-2024-29895 2024-05-13 Cacti command injection in cmd_realtime.php
CVE-2024-30258 2024-05-13 FastDDS crash when publisher send malformed packet
CVE-2024-30259 2024-05-13 FastDDS heap buffer overflow when publisher sends malformed packet
CVE-2024-30268 2024-05-13 Cacti XSS vulnerability in display_settings
CVE-2024-31443 2024-05-13 Cacti XSS vulnerability in lib/html_tree.php by reading dirty data stored in database
CVE-2024-31444 2024-05-13 Cacti XSS vulnerability in lib/html.php by reading dirty data stored in database
CVE-2024-31445 2024-05-13 SQL Injection vulnerability in automation_get_new_graphs_sql
CVE-2024-31458 2024-05-13 Cacti SQL Injection vulnerability in lib/html_form_templates.php by reading dirty data stored in database
CVE-2024-31459 2024-05-13 Cacti RCE vulnerability by file include in lib/plugin.php
CVE-2024-31460 2024-05-13 Cacti SQL Injection vulnerability in lib/api_automation.php caused by reading dirty data stored in database
CVE-2024-34340 2024-05-13 Authentication Bypass when using using older password hashes
CVE-2024-34077 2024-05-13 MantisBT user account takeover in the signup/reset password process
CVE-2024-34080 2024-05-13 MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-34081 2024-05-13 MantisBT Cross-site Scripting vulnerability
CVE-2024-34353 2024-05-13 matrix-sdk-crypto contains a log exposure of private key of the server-side key backup
CVE-2020-18305 2024-05-13 Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered...
CVE-2024-34697 2024-05-13 Freescout vulnerable to Stored HTML Injection in Editing Received Emails
CVE-2024-33250 2024-05-13 An issue in Open-Source Technology Committee SRS real-time video server...