Lista CVE - 2024 / Giugno
Visualizzazione 2801 - 2900 di 3082 CVE per Giugno 2024 (Pagina 29 di 31)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-29174 | 2024-06-26 | Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS... |
| CVE-2024-29175 | 2024-06-26 | Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40,... |
| CVE-2024-27867 | 2024-06-26 | An authentication issue was addressed with improved state management. This... |
| CVE-2024-37138 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-37139 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-37140 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-37141 | 2024-06-26 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS... |
| CVE-2024-21520 | 2024-06-26 | Versions of the package djangorestframework before 3.15.2 are vulnerable to... |
| CVE-2024-4105 | 2024-06-26 | A vulnerability has been found in FAST/TOOLS and CI Server.... |
| CVE-2024-4106 | 2024-06-26 | A vulnerability has been found in FAST/TOOLS and CI Server.... |
| CVE-2024-5332 | 2024-06-26 | Exclusive Addons for Elementor <= 2.6.9.8 - Authenticated (Contibutor+) Stored Cross-Site Scripting via Card Widget |
| CVE-2024-3633 | 2024-06-26 | WebP & SVG Support <= 1.4.0 - Author+ Stored XSS via SVG |
| CVE-2024-4758 | 2024-06-26 | Muslim Prayer Time BD <= 2.4 - Settings Reset via CSRF |
| CVE-2024-4957 | 2024-06-26 | Frontend Checklist <= 2.3.2 - Admin+ Stored XSS |
| CVE-2024-4959 | 2024-06-26 | Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items |
| CVE-2024-5071 | 2024-06-26 | Bookster <= 1.1.0 - Unauthenticated Appointment Status Update |
| CVE-2024-5169 | 2024-06-26 | Video Widget <= 1.2.3 - Admin+ Stored XSS via Widget |
| CVE-2024-5199 | 2024-06-26 | Spotify Play Button <= 1.0 - Contributor+ Stored XSS |
| CVE-2024-5473 | 2024-06-26 | Simple Photoswipe <= 0.1 - Admin+ Stored XSS |
| CVE-2024-5573 | 2024-06-26 | Easy Table of Contents < 2.0.66 - Admin+ Stored XSS |
| CVE-2024-5215 | 2024-06-26 | HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets |
| CVE-2024-28830 | 2024-06-26 | Automation user secrets written to audit log |
| CVE-2024-37252 | 2024-06-26 | WordPress Email Subscribers by Icegram Express plugin <= 5.7.25 - SQL Injection vulnerability |
| CVE-2024-6344 | 2024-06-26 | ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting |
| CVE-2024-37098 | 2024-06-26 | WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-4228 | 2024-06-26 | SQLi in Magarsus Consultancy's SSO |
| CVE-2024-4604 | 2024-06-26 | Open Redirect in Magarsus Consultancy's SSO |
| CVE-2024-38271 | 2024-06-26 | Denial of Service in Quick Share |
| CVE-2024-38272 | 2024-06-26 | Auth Bypass in Quick Share |
| CVE-2024-25637 | 2024-06-26 | Reflected XSS via X-October-Request-Handler Header |
| CVE-2024-6354 | 2024-06-26 | Improper access control in PAM dashboard in Devolutions Remote Desktop... |
| CVE-2024-39458 | 2024-06-26 | When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure... |
| CVE-2024-39459 | 2024-06-26 | In rare cases Jenkins Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier... |
| CVE-2024-39460 | 2024-06-26 | Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the... |
| CVE-2024-38375 | 2024-06-26 | @fastly/js-compute use-after-free in some host call implementations |
| CVE-2024-38520 | 2024-06-26 | SoftEther VPN with L2TP - 2.75x Amplification |
| CVE-2024-38527 | 2024-06-26 | Cross-site Scripting in ZenUML |
| CVE-2024-1839 | 2024-06-26 | Intrado 911 Emergency Gateway login form is vulnerable to an... |
| CVE-2024-6355 | 2024-06-26 | Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting |
| CVE-2024-37248 | 2024-06-26 | WordPress Anima theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37247 | 2024-06-26 | WordPress jQuery T(-) Countdown Widget plugin <= 2.3.25 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-28982 | 2024-06-26 | Hitachi Vantara Pentaho Business Analytics Server - Improper Restriction of XML External Entity Reference |
| CVE-2024-28983 | 2024-06-26 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-28984 | 2024-06-26 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-6323 | 2024-06-26 | Improper Isolation or Compartmentalization in GitLab |
| CVE-2024-5430 | 2024-06-26 | Improper Access Control in GitLab |
| CVE-2024-5655 | 2024-06-26 | Improper Access Control in GitLab |
| CVE-2024-4901 | 2024-06-26 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2024-4557 | 2024-06-26 | Uncontrolled Resource Consumption in GitLab |
| CVE-2024-4011 | 2024-06-26 | Improper Access Control in GitLab |
| CVE-2024-3959 | 2024-06-26 | Improper Authorization in GitLab |
| CVE-2024-3115 | 2024-06-26 | Exposure of Sensitive Information to an Unauthorized Actor in GitLab |
| CVE-2024-2191 | 2024-06-26 | Improper Access Control in GitLab |
| CVE-2024-1816 | 2024-06-26 | Uncontrolled Resource Consumption in GitLab |
| CVE-2024-1493 | 2024-06-26 | Uncontrolled Resource Consumption in GitLab |
| CVE-2023-52892 | 2024-06-27 | In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before... |
| CVE-2024-28820 | 2024-06-27 | Buffer overflow in the extract_openvpn_cr function in openvpn-cr.c in openvpn-auth-ldap... |
| CVE-2024-31802 | 2024-06-27 | DESIGNA ABACUS v.18 and before allows an attacker to bypass... |
| CVE-2024-36059 | 2024-06-27 | Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and... |
| CVE-2024-36072 | 2024-06-27 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through... |
| CVE-2024-36073 | 2024-06-27 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through... |
| CVE-2024-36074 | 2024-06-27 | Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through... |
| CVE-2024-36075 | 2024-06-27 | The CoSoSys Endpoint Protector through 5.9.3 and Unify agent through... |
| CVE-2024-36755 | 2024-06-27 | D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates... |
| CVE-2024-39129 | 2024-06-27 | Heap Buffer Overflow vulnerability in DumpTS v0.1.0-nightly allows attackers to... |
| CVE-2024-39130 | 2024-06-27 | A NULL Pointer Dereference discovered in DumpTS v0.1.0-nightly allows attackers... |
| CVE-2024-39132 | 2024-06-27 | A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allows attackers... |
| CVE-2024-39133 | 2024-06-27 | Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to... |
| CVE-2024-39134 | 2024-06-27 | A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers... |
| CVE-2024-39153 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39154 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39155 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39156 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39157 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39158 | 2024-06-27 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2024-39207 | 2024-06-27 | lua-shmem v1.0-1 was discovered to contain a buffer overflow via... |
| CVE-2024-39208 | 2024-06-27 | luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. |
| CVE-2024-39209 | 2024-06-27 | luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability... |
| CVE-2024-39669 | 2024-06-27 | In the Console in Soffid IAM before 3.5.39, necessary checks... |
| CVE-2024-39705 | 2024-06-27 | NLTK through 3.8.1 allows remote code execution if untrusted packages... |
| CVE-2024-39708 | 2024-06-27 | An issue was discovered in the Agent in Delinea Privilege... |
| CVE-2016-20022 | 2024-06-27 | In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does... |
| CVE-2024-6054 | 2024-06-27 | Auto Featured Image <= 1.2 - Authenticated (Contributor+) Arbitrary File Upload |
| CVE-2024-5289 | 2024-06-27 | Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget |
| CVE-2024-4569 | 2024-06-27 | Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-4570 | 2024-06-27 | Elementor Addon Elements <= 1.13.5 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-6283 | 2024-06-27 | DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget |
| CVE-2024-1330 | 2024-06-27 | Kadence Blocks Pro < 2.3.8 - Contributor+ Arbitrary Option Access |
| CVE-2024-3111 | 2024-06-27 | H5P < 1.15.8 - Contributor+ Stored XSS |
| CVE-2024-4664 | 2024-06-27 | WP Chat App < 3.6.5 - Admin+ Stored XSS |
| CVE-2024-4704 | 2024-06-27 | Contact Form 7 < 5.9.5 - Unauthenticated Open Redirect |
| CVE-2024-22231 | 2024-06-27 | Syndic cache directory creation is vulnerable to a directory traversal attack |
| CVE-2024-22232 | 2024-06-27 | Specially crafted url can be created which leads to a directory traversal in the salt file server |
| CVE-2024-5601 | 2024-06-27 | Create by Mediavine <= 1.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Schema Meta Shortcode |
| CVE-2024-4983 | 2024-06-27 | The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.0- Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-0947 | 2024-06-27 | Cookies Manipulation in Talya Informatics' Elektraweb |
| CVE-2023-7270 | 2024-06-27 | Local Privilege Escalation via MSI installer |
| CVE-2024-0949 | 2024-06-27 | Improper Access Control in Talya Informatics' Elektraweb |
| CVE-2024-5535 | 2024-06-27 | SSL_select_next_proto buffer overread |
| CVE-2024-6262 | 2024-06-27 | Portfolio Gallery – Image Gallery Plugin <= 1.6.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting |