Lista CVE - 2024 / Giugno
Visualizzazione 2701 - 2800 di 3082 CVE per Giugno 2024 (Pagina 28 di 31)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-6300 | 2024-06-25 | Incomplete Cleanup in Conduit |
| CVE-2024-6303 | 2024-06-25 | Missing Authorization in Conduit |
| CVE-2024-6302 | 2024-06-25 | Improper Handling of Insufficient Permissions or Privileges in Conduit |
| CVE-2024-6301 | 2024-06-25 | Origin Validation Error in Conduit |
| CVE-2024-6299 | 2024-06-25 | Use of a Key Past its Expiration Date in Conduit |
| CVE-2024-32111 | 2024-06-25 | WordPress core < 6.5.5 - Auth. Arbitrary .html File Read (Windows Only) vulnerability |
| CVE-2024-5451 | 2024-06-25 | The7 — Website and eCommerce Builder for WordPress <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute |
| CVE-2024-21827 | 2024-06-25 | A leftover debug code vulnerability exists in the cli_server debug... |
| CVE-2024-37085 | 2024-06-25 | VMware ESXi contains an authentication bypass vulnerability. A malicious actor... |
| CVE-2024-37086 | 2024-06-25 | VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor... |
| CVE-2024-37087 | 2024-06-25 | The vCenter Server contains a denial-of-service vulnerability. A malicious actor... |
| CVE-2021-4440 | 2024-06-25 | x86/xen: Drop USERGS_SYSRET64 paravirt call |
| CVE-2022-48772 | 2024-06-25 | media: lgdt3306a: Add a check against null-pointer-def |
| CVE-2024-37078 | 2024-06-25 | nilfs2: fix potential kernel bug due to lack of writeback flag waiting |
| CVE-2024-37354 | 2024-06-25 | btrfs: fix crash on racing fsync and size-extending write into prealloc |
| CVE-2024-38306 | 2024-06-25 | btrfs: protect folio::private when attaching extent buffer folios |
| CVE-2024-38385 | 2024-06-25 | genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() |
| CVE-2024-38661 | 2024-06-25 | s390/ap: Fix crash in AP internal function modify_bitmap() |
| CVE-2024-39276 | 2024-06-25 | ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() |
| CVE-2024-39293 | 2024-06-25 | Revert "xsk: Support redirect to any socket bound to the same umem" |
| CVE-2024-39296 | 2024-06-25 | bonding: fix oops during rmmod |
| CVE-2024-39298 | 2024-06-25 | mm/memory-failure: fix handling of dissolved but not taken off from buddy pages |
| CVE-2024-39301 | 2024-06-25 | net/9p: fix uninit-value in p9_client_rpc() |
| CVE-2024-39371 | 2024-06-25 | io_uring: check for non-NULL file pointer in io_file_can_poll() |
| CVE-2024-39461 | 2024-06-25 | clk: bcm: rpi: Assign ->num before accessing ->hws |
| CVE-2024-39462 | 2024-06-25 | clk: bcm: dvp: Assign ->num before accessing ->hws |
| CVE-2024-39463 | 2024-06-25 | 9p: add missing locking around taking dentry fid list |
| CVE-2024-39464 | 2024-06-25 | media: v4l: async: Fix notifier list entry init |
| CVE-2024-39465 | 2024-06-25 | media: mgb4: Fix double debugfs remove |
| CVE-2024-39466 | 2024-06-25 | thermal/drivers/qcom/lmh: Check for SCM availability at probe |
| CVE-2024-39467 | 2024-06-25 | f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() |
| CVE-2024-39468 | 2024-06-25 | smb: client: fix deadlock in smb2_find_smb_tcon() |
| CVE-2024-39469 | 2024-06-25 | nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors |
| CVE-2024-39470 | 2024-06-25 | eventfs: Fix a possible null pointer dereference in eventfs_find_events() |
| CVE-2024-39471 | 2024-06-25 | drm/amdgpu: add error handle to avoid out-of-bounds |
| CVE-2024-5805 | 2024-06-25 | MOVEit Gateway Authentication Bypass Vulnerability |
| CVE-2024-5806 | 2024-06-25 | MOVEit Transfer Authentication Bypass Vulnerability |
| CVE-2023-37541 | 2024-06-25 | HCL Connections is vulnerable to broken access control |
| CVE-2024-0171 | 2024-06-25 | Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability.... |
| CVE-2024-5988 | 2024-06-25 | Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability |
| CVE-2024-5989 | 2024-06-25 | Rockwell Automation ThinManager® ThinServer™ Improper Input Validation Vulnerability |
| CVE-2024-5990 | 2024-06-25 | ThinManager® ThinServer™ Improper Input Validation Vulnerability |
| CVE-2024-6238 | 2024-06-25 | pgAdmin 4 Installation Directory permission issue |
| CVE-2024-6257 | 2024-06-25 | HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation |
| CVE-2024-6308 | 2024-06-25 | itsourcecode Simple Online Hotel Reservation System index.php sql injection |
| CVE-2024-5276 | 2024-06-25 | SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier) |
| CVE-2024-37167 | 2024-06-25 | Tuleap has improper permissions of the backlog items |
| CVE-2024-37894 | 2024-06-25 | Squid vulnerable to heap corruption in ESI assign |
| CVE-2024-4883 | 2024-06-25 | WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability |
| CVE-2024-4884 | 2024-06-25 | WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability |
| CVE-2024-4885 | 2024-06-25 | WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability |
| CVE-2024-4498 | 2024-06-25 | Path Traversal and RFI Vulnerability in parisneo/lollms-webui |
| CVE-2024-5008 | 2024-06-25 | WhatsUp Gold APM Unrestricted File Upload Remote Code Execution Vulnerability |
| CVE-2024-5009 | 2024-06-25 | WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability |
| CVE-2024-5010 | 2024-06-25 | WhatsUp Gold TestController multiple information disclosure vulnerabilities |
| CVE-2024-5011 | 2024-06-25 | WhatsUp Gold TestController Chart denial of service vulnerability |
| CVE-2024-6206 | 2024-06-25 | A security vulnerability has been identified in HPE Athonet Mobile... |
| CVE-2024-38516 | 2024-06-25 | Aimeos HTML client may potentially reveal sensitive information in error log |
| CVE-2024-5012 | 2024-06-25 | WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability |
| CVE-2024-5013 | 2024-06-25 | WhatsUp Gold InstallController Denial-of-Service Vulnerability |
| CVE-2024-5014 | 2024-06-25 | WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure |
| CVE-2024-5015 | 2024-06-25 | WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability |
| CVE-2024-5016 | 2024-06-25 | WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| CVE-2024-5017 | 2024-06-25 | WhatsUp Gold AppProfileImport path traversal vulnerability |
| CVE-2024-5018 | 2024-06-25 | WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| CVE-2024-5019 | 2024-06-25 | WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| CVE-2024-30112 | 2024-06-25 | HCL Connections is vulnerable to a cross-site scripting (XSS) vulnerability |
| CVE-2024-6060 | 2024-06-25 | An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local... |
| CVE-2024-29953 | 2024-06-25 | Encoded session passwords on session storage for Virtual Fabric platforms |
| CVE-2024-4869 | 2024-06-25 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header |
| CVE-2024-29954 | 2024-06-25 | password management API prints sensitive information in log files |
| CVE-2024-38364 | 2024-06-25 | DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document |
| CVE-2024-38526 | 2024-06-25 | pdoc embeds link to malicious CDN if math mode is enabled |
| CVE-2024-5460 | 2024-06-25 | Brocade Fabric OS versions prior to v9.0 have default community strings |
| CVE-2023-26877 | 2024-06-26 | File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows... |
| CVE-2024-23765 | 2024-06-26 | An issue was discovered on HMS Anybus X-Gateway AB7832-F 3... |
| CVE-2024-23767 | 2024-06-26 | An issue was discovered on HMS Anybus X-Gateway AB7832-F firmware... |
| CVE-2024-33326 | 2024-06-26 | A cross-site scripting (XSS) vulnerability in the component XsltResultControllerHtml.jsp of... |
| CVE-2024-33327 | 2024-06-26 | A cross-site scripting (XSS) vulnerability in the component UrlAccessibilityEvaluation.jsp of... |
| CVE-2024-34580 | 2024-06-26 | Apache XML Security for C++ through 2.0.4 implements the XML... |
| CVE-2024-34581 | 2024-06-26 | The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting... |
| CVE-2024-35545 | 2024-06-26 | MAP-OS v4.45.0 and earlier was discovered to contain a cross-site... |
| CVE-2024-36829 | 2024-06-26 | Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to... |
| CVE-2024-37571 | 2024-06-26 | Buffer Overflow vulnerability in SAS Broker 9.2 build 1495 allows... |
| CVE-2024-37734 | 2024-06-26 | An issue in OpenEMR 7.0.2 allows a remote attacker to... |
| CVE-2024-38949 | 2024-06-26 | Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to... |
| CVE-2024-38950 | 2024-06-26 | Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to... |
| CVE-2024-39243 | 2024-06-26 | An issue discovered in skycaiji 2.8 allows attackers to run... |
| CVE-2024-23766 | 2024-06-26 | An issue was discovered on HMS Anybus X-Gateway AB7832-F 3... |
| CVE-2024-33328 | 2024-06-26 | A cross-site scripting (XSS) vulnerability in the component main.jsp of... |
| CVE-2024-33329 | 2024-06-26 | A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows... |
| CVE-2024-39241 | 2024-06-26 | Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers... |
| CVE-2024-39242 | 2024-06-26 | A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers... |
| CVE-2024-24764 | 2024-06-26 | October Open Redirect for Administrator Accounts |
| CVE-2024-5173 | 2024-06-26 | HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings |
| CVE-2024-28973 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-29176 | 2024-06-26 | Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an... |
| CVE-2024-29177 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-29173 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-5181 | 2024-06-26 | Command Injection in mudler/localai |