Lista CVE - 2024 / Giugno
Visualizzazione 1801 - 1900 di 3082 CVE per Giugno 2024 (Pagina 19 di 31)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-1399 | 2024-06-15 | Restaurant Menu and Food Ordering <= 2.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-3105 | 2024-06-15 | Woody code snippets – Insert Header Footer Code, AdSense Ads <= 2.5.0 -Authenticated (Contributor+) Remote Code Execution |
| CVE-2024-5858 | 2024-06-15 | Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update |
| CVE-2024-4258 | 2024-06-15 | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Unauthenticated Local File Inclusion |
| CVE-2024-2695 | 2024-06-15 | Shariff Wrapper <= 4.6.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-4551 | 2024-06-15 | Video Gallery – YouTube Playlist, Channel Gallery by YotuWP <= 1.3.13 - Authenticated (Contributor+) Arbitrary File Inclusion via Shortcode |
| CVE-2024-4095 | 2024-06-15 | Collapse-O-Matic <= 1.8.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-6005 | 2024-06-15 | ZKTeco ZKBio CVSecurity V5000 Department Section cross site scripting |
| CVE-2024-5611 | 2024-06-15 | Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget |
| CVE-2024-6006 | 2024-06-15 | ZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scripting |
| CVE-2024-6007 | 2024-06-15 | Netentsec NS-ASG Application Security Gateway deleteiscgwrouteconf.php sql injection |
| CVE-2024-31870 | 2024-06-15 | IBM i information disclosure |
| CVE-2024-27275 | 2024-06-15 | IBM i privilege escalation |
| CVE-2024-6008 | 2024-06-15 | itsourcecode Online Book Store edit_book.php sql injection |
| CVE-2024-6009 | 2024-06-15 | itsourcecode Event Calendar process.php regDelete sql injection |
| CVE-2024-6013 | 2024-06-15 | itsourcecode Online Book Store admin_delete.php sql injection |
| CVE-2024-6014 | 2024-06-15 | itsourcecode Document Management System edithis.php sql injection |
| CVE-2024-6015 | 2024-06-15 | itsourcecode Online House Rental System manage_user.php sql injection |
| CVE-2024-6016 | 2024-06-15 | itsourcecode Online Laundry Management System admin_class.php sql injection |
| CVE-2023-27636 | 2024-06-16 | Progress Sitefinity before 15.0.0 allows XSS by authenticated users via... |
| CVE-2024-34451 | 2024-06-16 | Ghost through 5.85.1 allows remote attackers to bypass an authentication... |
| CVE-2024-38395 | 2024-06-16 | In iTerm2 before 3.5.2, the "Terminal may report window title"... |
| CVE-2024-38396 | 2024-06-16 | An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered... |
| CVE-2024-38427 | 2024-06-16 | In International Color Consortium DemoIccMAX before 85ce74e, a logic flaw... |
| CVE-2024-38439 | 2024-06-16 | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based... |
| CVE-2024-38440 | 2024-06-16 | Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based... |
| CVE-2024-38441 | 2024-06-16 | Netatalk before 3.2.1 has an off-by-one error and resultant heap-based... |
| CVE-2024-38443 | 2024-06-16 | C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a... |
| CVE-2024-38448 | 2024-06-16 | htags in GNU Global through 6.6.12 allows code execution in... |
| CVE-2024-38457 | 2024-06-16 | Xenforo before 2.2.16 allows CSRF. |
| CVE-2024-38458 | 2024-06-16 | Xenforo before 2.2.16 allows code injection. |
| CVE-2024-38459 | 2024-06-16 | langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python... |
| CVE-2024-38461 | 2024-06-16 | irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use... |
| CVE-2024-38462 | 2024-06-16 | iRODS before 4.3.2 provides an msiSendMail function with a problematic... |
| CVE-2024-38467 | 2024-06-16 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user... |
| CVE-2024-38428 | 2024-06-16 | url.c in GNU Wget through 1.24.5 mishandles semicolons in the... |
| CVE-2024-38454 | 2024-06-16 | ExpressionEngine before 7.4.11 allows XSS. |
| CVE-2024-38460 | 2024-06-16 | In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated... |
| CVE-2024-38465 | 2024-06-16 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration... |
| CVE-2024-38466 | 2024-06-16 | Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw... |
| CVE-2024-38468 | 2024-06-16 | Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password... |
| CVE-2024-36397 | 2024-06-16 | Vantiva - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-6039 | 2024-06-16 | Feng Office Workspaces sql injection |
| CVE-2024-6041 | 2024-06-16 | itsourcecode Gym Management System manage_user.php sql injection |
| CVE-2024-6042 | 2024-06-16 | itsourcecode Real Estate Management System property-detail.php sql injection |
| CVE-2024-34833 | 2024-06-17 | Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload.... |
| CVE-2024-36527 | 2024-06-17 | puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers... |
| CVE-2024-36543 | 2024-06-17 | Incorrect access control in the Kafka Connect REST API in... |
| CVE-2024-36573 | 2024-06-17 | almela obx before v.0.0.4 has a Prototype Pollution issue which... |
| CVE-2024-36574 | 2024-06-17 | A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker... |
| CVE-2024-36575 | 2024-06-17 | A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker... |
| CVE-2024-36577 | 2024-06-17 | apphp js-object-resolver < 3.1.1 is vulnerable to Prototype Pollution via... |
| CVE-2024-36578 | 2024-06-17 | akbr update 1.0.0 is vulnerable to Prototype Pollution via update/index.js. |
| CVE-2024-36580 | 2024-06-17 | A Prototype Pollution issue in cdr0 sg 1.0.10 allows an... |
| CVE-2024-36581 | 2024-06-17 | A Prototype Pollution issue in abw badger-database 1.2.1 allows an... |
| CVE-2024-36582 | 2024-06-17 | alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the... |
| CVE-2024-36583 | 2024-06-17 | A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows... |
| CVE-2024-37619 | 2024-06-17 | StrongShop v1.0 was discovered to contain a reflected cross-site scripting... |
| CVE-2024-37620 | 2024-06-17 | PHPVOD v4.0 was discovered to contain a reflected cross-site scripting... |
| CVE-2024-37621 | 2024-06-17 | StrongShop v1.0 was discovered to contain a Server-Side Template Injection... |
| CVE-2024-37622 | 2024-06-17 | Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site... |
| CVE-2024-37623 | 2024-06-17 | Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site... |
| CVE-2024-37625 | 2024-06-17 | zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site... |
| CVE-2024-37661 | 2024-06-17 | TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message... |
| CVE-2024-37662 | 2024-06-17 | TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking... |
| CVE-2024-37663 | 2024-06-17 | Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect... |
| CVE-2024-37664 | 2024-06-17 | Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or... |
| CVE-2024-37794 | 2024-06-17 | Improper input validation in CVC5 Solver v1.1.3 allows attackers to... |
| CVE-2024-37795 | 2024-06-17 | A segmentation fault in CVC5 Solver v1.1.3 allows attackers to... |
| CVE-2024-37798 | 2024-06-17 | Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel... |
| CVE-2024-37828 | 2024-06-17 | A stored cross-site scripting (XSS) in Vermeg Agile Reporter v23.2.1... |
| CVE-2024-37840 | 2024-06-17 | SQL injection vulnerability in processscore.php in Itsourcecode Learning Management System... |
| CVE-2024-37848 | 2024-06-17 | SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker... |
| CVE-2024-38449 | 2024-06-17 | A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier... |
| CVE-2024-38469 | 2024-06-17 | zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site... |
| CVE-2024-38470 | 2024-06-17 | zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site... |
| CVE-2023-37057 | 2024-06-17 | An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800... |
| CVE-2023-37058 | 2024-06-17 | Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink... |
| CVE-2024-37624 | 2024-06-17 | Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site... |
| CVE-2024-6043 | 2024-06-17 | SourceCodester Best House Rental Management System admin_class.php login sql injection |
| CVE-2024-6044 | 2024-06-17 | D-Link router - Arbitrary File Reading |
| CVE-2024-5163 | 2024-06-17 | Improper permission settings in com.transsion.carlcare |
| CVE-2024-6045 | 2024-06-17 | D-Link router - Hidden Backdoor |
| CVE-2024-6047 | 2024-06-17 | GeoVision EOL device - OS Command Injection |
| CVE-2024-3236 | 2024-06-17 | Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS |
| CVE-2024-4305 | 2024-06-17 | PostX < 4.1.0 - Contributor+ Stored XSS |
| CVE-2024-5650 | 2024-06-17 | DLL Hijacking vulnerability has been found in CENTUM CAMS Log... |
| CVE-2024-6048 | 2024-06-17 | Openfind MailGates and MailAudit - OS Command Injection |
| CVE-2024-36277 | 2024-06-17 | Improper verification of cryptographic signature issue exists in "FreeFrom -... |
| CVE-2024-36279 | 2024-06-17 | Reliance on obfuscation or encryption of security-relevant inputs without integrity... |
| CVE-2024-36289 | 2024-06-17 | Reusing a nonce, key pair in encryption issue exists in... |
| CVE-2024-5741 | 2024-06-17 | XSS in inventory view |
| CVE-2024-6055 | 2024-06-17 | Improper removal of sensitive information in data source export feature... |
| CVE-2024-6057 | 2024-06-17 | Improper authentication in the vault password feature in Devolutions Remote... |
| CVE-2024-37158 | 2024-06-17 | Evmos is missing precompile checks |
| CVE-2024-37159 | 2024-06-17 | Evmos is missing create validator check |
| CVE-2024-4032 | 2024-06-17 | Incorrect IPv4 and IPv6 private ranges |
| CVE-2024-0397 | 2024-06-17 | Memory race condition in ssl.SSLContext certificate store methods |
| CVE-2024-6056 | 2024-06-17 | nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy |
| CVE-2024-36973 | 2024-06-17 | misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() |