Lista CVE - 2024 / Giugno
Visualizzazione 2601 - 2700 di 3082 CVE per Giugno 2024 (Pagina 27 di 31)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-38384 | 2024-06-24 | blk-cgroup: fix list corruption from reorder of WRITE ->lqueued |
| CVE-2024-38663 | 2024-06-24 | blk-cgroup: fix list corruption from resetting io stat |
| CVE-2024-38664 | 2024-06-24 | drm: zynqmp_dpsub: Always register bridge |
| CVE-2024-4748 | 2024-06-24 | RCE in Cruddiy |
| CVE-2024-38667 | 2024-06-24 | riscv: prevent pt_regs corruption for secondary idle threads |
| CVE-2024-39291 | 2024-06-24 | drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() |
| CVE-2024-39292 | 2024-06-24 | um: Add winch to winch_handlers before registering winch IRQ |
| CVE-2024-32936 | 2024-06-24 | media: ti: j721e-csi2rx: Fix races while restarting DMA |
| CVE-2024-33847 | 2024-06-24 | f2fs: compress: don't allow unaligned truncation on released compress inode |
| CVE-2024-34027 | 2024-06-24 | f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock |
| CVE-2024-34030 | 2024-06-24 | PCI: of_property: Return error for int_map allocation failure |
| CVE-2024-35247 | 2024-06-24 | fpga: region: add owner module and take its refcount |
| CVE-2024-36479 | 2024-06-24 | fpga: bridge: add owner module and take its refcount |
| CVE-2024-37021 | 2024-06-24 | fpga: manager: add owner module and take its refcount |
| CVE-2024-37026 | 2024-06-24 | drm/xe: Only use reserved BCS instances for usm migrate exec queue |
| CVE-2024-33687 | 2024-06-24 | Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is... |
| CVE-2024-6285 | 2024-06-24 | Integer Underflow in Memory Range Check in Renesas RCAR |
| CVE-2024-6287 | 2024-06-24 | Incorrect Address Range Calculations |
| CVE-2024-38373 | 2024-06-24 | FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser |
| CVE-2024-38369 | 2024-06-24 | XWiki programming rights may be inherited by inclusion |
| CVE-2024-6104 | 2024-06-24 | go-retryablehttp can leak basic auth credentials to log files |
| CVE-2023-49793 | 2024-06-24 | Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store` |
| CVE-2023-45196 | 2024-06-24 | Adminer and AdminerEvo denial of service via HTTP redirect |
| CVE-2023-45195 | 2024-06-24 | Adminer and AdminerEvo SSRF |
| CVE-2024-6290 | 2024-06-24 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6291 | 2024-06-24 | Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6292 | 2024-06-24 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-6293 | 2024-06-24 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-22168 | 2024-06-24 | Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps |
| CVE-2024-21739 | 2024-06-25 | Geehy APM32F103CCT6, APM32F103RCT6, APM32F103RCT7, and APM32F103VCT6 devices have Incorrect Access Control. |
| CVE-2024-21740 | 2024-06-25 | Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control. |
| CVE-2024-30931 | 2024-06-25 | Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html component. |
| CVE-2024-34400 | 2024-06-25 | An issue was discovered in VirtoSoftware Virto Kanban Board Web Part before 5.3.5.1 for SharePoint 2019. There is /_layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx LinkTitle2 XSS. |
| CVE-2024-35526 | 2024-06-25 | An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade directory. |
| CVE-2024-35527 | 2024-06-25 | An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to execute arbitrary code via uploading a crafted .cfm file. |
| CVE-2024-36819 | 2024-06-25 | MAP-OS 4.45.0 and earlier is vulnerable to Cross-Site Scripting (XSS). This vulnerability allows malicious users to insert a malicious payload into the "Client Name" input. When a service order from... |
| CVE-2024-37742 | 2024-06-25 | Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system,... |
| CVE-2024-37820 | 2024-06-25 | A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation. |
| CVE-2024-37843 | 2024-06-25 | Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. |
| CVE-2024-37855 | 2024-06-25 | An issue in Nepstech Wifi Router xpon (terminal) NTPL-Xpon1GFEVN, hardware verstion 1.0 firmware 2.0.1 allows a remote attacker to execute arbitrary code via the router's Telnet port 2345 without requiring... |
| CVE-2024-38951 | 2024-06-25 | A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. |
| CVE-2024-38952 | 2024-06-25 | PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.cpp. |
| CVE-2024-21741 | 2024-06-25 | GigaDevice GD32E103C8T6 devices have Incorrect Access Control. |
| CVE-2024-23140 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23141 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23142 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-22385 | 2024-06-25 | File and Directory Permission Vulnerability in Hitachi Storage Provider for VMware vCenter |
| CVE-2023-6198 | 2024-06-25 | Hard Coded Credential |
| CVE-2024-6294 | 2024-06-25 | udn News App - Sensitive Information Exposure |
| CVE-2024-23143 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23144 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-6295 | 2024-06-25 | udn News App - Insecure Data Storage |
| CVE-2023-5038 | 2024-06-25 | Unauthenticated DoS |
| CVE-2024-23145 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23146 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23147 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23148 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23149 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37000 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37001 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37002 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37003 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37004 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37005 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-37006 | 2024-06-25 | Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software |
| CVE-2024-23150 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23151 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23152 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23153 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23154 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23155 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23156 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-6297 | 2024-06-25 | Several WordPress.org Plugins <= Various Versions - Injected Backdoor |
| CVE-2024-23157 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23158 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-23159 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-36999 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-37007 | 2024-06-25 | Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products |
| CVE-2024-4196 | 2024-06-25 | Avaya IP Office Web Control RCE Vulnerability |
| CVE-2024-4197 | 2024-06-25 | Avaya IP Office One-X Portal File Upload Vulnerability |
| CVE-2024-32855 | 2024-06-25 | Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. |
| CVE-2024-5431 | 2024-06-25 | WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce <= 2.2.25 - Authenticated (Contributor+) File inclusion via Shortcode |
| CVE-2024-4757 | 2024-06-25 | Logo Manager For Enamad <= 0.7.0 - Stored XSS via CSRF |
| CVE-2024-4759 | 2024-06-25 | Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload |
| CVE-2024-3249 | 2024-06-25 | Zita Elementor Site Library <= 1.6.2 - Missing Authorization to Page Creation and Options Modification |
| CVE-2024-6028 | 2024-06-25 | Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter |
| CVE-2024-4638 | 2024-06-25 | OnCell G3470A-LTE Series: Authenticated Command Injection via webUploadKey |
| CVE-2024-34141 | 2024-06-25 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-34142 | 2024-06-25 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-4639 | 2024-06-25 | OnCell G3470A-LTE Series: Authenticated Command Injection via webDelIPSec |
| CVE-2024-4640 | 2024-06-25 | OnCell G3470A-LTE Series: Authenticated Command Injection via sendTestEmail |
| CVE-2024-4641 | 2024-06-25 | OnCell G3470A-LTE Series: Authenticated Format String Errors |
| CVE-2024-5216 | 2024-06-25 | Denial of Service in mintplex-labs/anything-llm |
| CVE-2024-6307 | 2024-06-25 | WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API |
| CVE-2024-28831 | 2024-06-25 | XSS in confirmation pop-up |
| CVE-2024-28832 | 2024-06-25 | XSS in Crash Report Page |
| CVE-2024-4846 | 2024-06-25 | Authentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to another user without being asked for the 2FA via another browser... |
| CVE-2024-5261 | 2024-06-25 | TLS certificate are not properly verified when utilizing LibreOfficeKit |
| CVE-2024-31111 | 2024-06-25 | WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6300 | 2024-06-25 | Incomplete Cleanup in Conduit |