Lista CVE - 2024 / Giugno
Visualizzazione 501 - 600 di 3082 CVE per Giugno 2024 (Pagina 6 di 31)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-4881 | 2024-06-06 | Path Traversal in parisneo/lollms |
| CVE-2024-2383 | 2024-06-06 | Clickjacking Vulnerability in zenml-io/zenml |
| CVE-2024-5550 | 2024-06-06 | Exposure of Sensitive Information via Arbitrary System Path Lookup in h2oai/h2o-3 |
| CVE-2024-5306 | 2024-06-06 | Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| CVE-2024-1881 | 2024-06-06 | Improper Neutralization of Special Elements used in an OS Command in significant-gravitas/autogpt |
| CVE-2024-22326 | 2024-06-06 | IBM System Storage improper authentication |
| CVE-2024-5307 | 2024-06-06 | Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-3102 | 2024-06-06 | JSON Injection in mintplex-labs/anything-llm |
| CVE-2024-2213 | 2024-06-06 | Improper Authentication in zenml-io/zenml |
| CVE-2024-0520 | 2024-06-06 | Remote Code Execution due to Full Controlled File Write in mlflow/mlflow |
| CVE-2024-5225 | 2024-06-06 | SQL Injection in berriai/litellm |
| CVE-2024-5186 | 2024-06-06 | Server Side Request Forgery (SSRF) in imartinez/privategpt |
| CVE-2024-5478 | 2024-06-06 | Cross-site Scripting (XSS) in SAML metadata endpoint in lunary-ai/lunary |
| CVE-2024-3234 | 2024-06-06 | Path Traversal in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-30373 | 2024-06-06 | Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-5133 | 2024-06-06 | Account Takeover via Exposed Recovery Token in lunary-ai/lunary |
| CVE-2024-2171 | 2024-06-06 | Stored XSS in zenml-io/zenml |
| CVE-2024-4320 | 2024-06-06 | Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui |
| CVE-2024-3166 | 2024-06-06 | Cross-Site Scripting (XSS) Vulnerability in mintplex-labs/anything-llm |
| CVE-2024-4890 | 2024-06-06 | Blind SQL Injection in berriai/litellm |
| CVE-2024-3402 | 2024-06-06 | Stored XSS vulnerability in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-2288 | 2024-06-06 | CSRF File Upload Vulnerability in parisneo/lollms-webui |
| CVE-2024-2035 | 2024-06-06 | Improper Authorization in zenml-io/zenml |
| CVE-2024-5206 | 2024-06-06 | Sensitive Data Leakage in sklearn.feature_extraction.text.TfidfVectorizer in scikit-learn/scikit-learn |
| CVE-2024-5129 | 2024-06-06 | Privilege Escalation Vulnerability in lunary-ai/lunary |
| CVE-2024-3095 | 2024-06-06 | SSRF in Langchain Web Research Retriever in langchain-ai/langchain |
| CVE-2024-2928 | 2024-06-06 | Local File Inclusion (LFI) via URI Fragment Parsing in mlflow/mlflow |
| CVE-2024-4888 | 2024-06-06 | Arbitrary File Deletion in BerriAI/litellm |
| CVE-2024-5131 | 2024-06-06 | Improper Access Control in lunary-ai/lunary |
| CVE-2024-1880 | 2024-06-06 | OS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogpt |
| CVE-2024-4851 | 2024-06-06 | SSRF Vulnerability in stangirard/quivr |
| CVE-2024-1873 | 2024-06-06 | Path Traversal and Denial of Service in parisneo/lollms-webui |
| CVE-2024-36740 | 2024-06-06 | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause... |
| CVE-2024-3322 | 2024-06-06 | Path Traversal in parisneo/lollms-webui |
| CVE-2024-3153 | 2024-06-06 | Uncontrolled Resource Consumption in mintplex-labs/anything-llm |
| CVE-2024-36735 | 2024-06-06 | OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning... |
| CVE-2024-5130 | 2024-06-06 | Incorrect Authorization in lunary-ai/lunary |
| CVE-2024-3149 | 2024-06-06 | SSRF in mintplex-labs/anything-llm |
| CVE-2024-36734 | 2024-06-06 | Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to... |
| CVE-2024-5278 | 2024-06-06 | Unrestricted File Upload leading to RCE in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-3429 | 2024-06-06 | Path Traversal in parisneo/lollms |
| CVE-2024-3404 | 2024-06-06 | Improper Access Control in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-5187 | 2024-06-06 | Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx |
| CVE-2023-45192 | 2024-06-06 | IBM Engineering Requirements Management DOORS Next XML external entity injection |
| CVE-2024-2032 | 2024-06-06 | Race Condition Vulnerability in zenml-io/zenml |
| CVE-2024-5248 | 2024-06-06 | Improper Access Control in lunary-ai/lunary |
| CVE-2024-37153 | 2024-06-06 | Evmos's contract balance not updating correctly after interchain transaction |
| CVE-2024-36732 | 2024-06-06 | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause... |
| CVE-2024-2965 | 2024-06-06 | Denial-of-Service in LangChain SitemapLoader in langchain-ai/langchain |
| CVE-2024-3150 | 2024-06-06 | Privilege Escalation in mintplex-labs/anything-llm |
| CVE-2024-5328 | 2024-06-06 | SSRF Vulnerability in lunary-ai/lunary |
| CVE-2024-5124 | 2024-06-06 | Timing Attack Vulnerability in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-3408 | 2024-06-06 | Authentication Bypass and RCE in man-group/dtale |
| CVE-2024-2360 | 2024-06-06 | Path Traversal leading to Remote Code Execution in parisneo/lollms-webui |
| CVE-2024-2359 | 2024-06-06 | Improper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webui |
| CVE-2024-37154 | 2024-06-06 | Evmos allows unvested token delegations |
| CVE-2024-36730 | 2024-06-06 | Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to... |
| CVE-2024-22074 | 2024-06-06 | Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through... |
| CVE-2024-36795 | 2024-06-06 | Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access... |
| CVE-2024-32752 | 2024-06-06 | Johnson Controls Software House iSTAR Configuration Utility (ICU) Tool |
| CVE-2024-36823 | 2024-06-06 | The encrypt() function of Ninja Core v7.0.0 was discovered to... |
| CVE-2023-49441 | 2024-06-06 | dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. |
| CVE-2024-24192 | 2024-06-06 | robdns commit d76d2e6 was discovered to contain a heap overflow... |
| CVE-2024-24194 | 2024-06-06 | robdns commit d76d2e6 was discovered to contain a NULL pointer... |
| CVE-2024-24195 | 2024-06-06 | robdns commit d76d2e6 was discovered to contain a misaligned address... |
| CVE-2024-24198 | 2024-06-06 | smartdns commit 54b4dc was discovered to contain a misaligned address... |
| CVE-2024-24199 | 2024-06-06 | smartdns commit 54b4dc was discovered to contain a misaligned address... |
| CVE-2024-22524 | 2024-06-06 | dnspod-sr 0dfbd37 is vulnerable to buffer overflow. |
| CVE-2024-22525 | 2024-06-06 | dnspod-sr 0dfbd37 contains a SEGV. |
| CVE-2023-51847 | 2024-06-06 | An issue in obgm and Libcoap v.a3ed466 allows a remote... |
| CVE-2024-4013 | 2024-06-06 | Failure to update BT Mesh Replay Protection List |
| CVE-2024-36774 | 2024-06-06 | An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows... |
| CVE-2024-36775 | 2024-06-06 | A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows... |
| CVE-2023-37539 | 2024-06-06 | HCL Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability |
| CVE-2023-49221 | 2024-06-07 | Precor touchscreen console P62, P80, and P82 could allow a... |
| CVE-2023-49222 | 2024-06-07 | Precor touchscreen console P82 contains a private SSH key that... |
| CVE-2023-49223 | 2024-06-07 | Precor touchscreen console P62, P80, and P82 could allow a... |
| CVE-2023-49224 | 2024-06-07 | Precor touchscreen console P62, P80, and P82 contains a default... |
| CVE-2024-30162 | 2024-06-07 | Invision Community through 4.7.16 allows remote code execution via the... |
| CVE-2024-31958 | 2024-06-07 | An issue was discovered in Samsung Mobile Processor EExynos 2200,... |
| CVE-2024-31959 | 2024-06-07 | An issue was discovered in Samsung Mobile Processor Exynos 2200,... |
| CVE-2024-32502 | 2024-06-07 | An issue was discovered in Samsung Mobile Processor and Wearable... |
| CVE-2024-37383 | 2024-06-07 | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS... |
| CVE-2024-37384 | 2024-06-07 | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS... |
| CVE-2024-37388 | 2024-06-07 | An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function... |
| CVE-2024-30163 | 2024-06-07 | Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/store.php... |
| CVE-2024-36827 | 2024-06-07 | An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function... |
| CVE-2022-4968 | 2024-06-07 | netplan leaks the private key of wireguard to local users.... |
| CVE-2024-1689 | 2024-06-07 | WooCommerce Tools <= 1.2.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Module Deactivation |
| CVE-2023-6876 | 2024-06-07 | Clever Fox – One Click Website Importer by Nayra Themes <= 25.2.0 - Missing Authorization to arbitrary theme activation via clever-fox-activate-theme |
| CVE-2023-32475 | 2024-06-07 | Dell BIOS contains a missing support for integrity check vulnerability.... |
| CVE-2024-1768 | 2024-06-07 | Clever Fox <= 25.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-3987 | 2024-06-07 | WP Mobile Menu – The Mobile-Friendly Responsive Menu <= 2.8.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Alt |
| CVE-2024-5607 | 2024-06-07 | GDPR CCPA Compliance & Cookie Consent Banner <= 2.7.0 - Missing Authorization to Settings Update and Stored Cross-Site Scripting |
| CVE-2024-4887 | 2024-06-07 | Qi Addons For Elementor <= 1.7.2 - Authenticated (Contributor+) Local File Inclusion |
| CVE-2024-5425 | 2024-06-07 | WP jQuery Lightbox <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Attribute |
| CVE-2024-1988 | 2024-06-07 | Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks <= 2.2.80 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-37385 | 2024-06-07 | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows... |
| CVE-2024-36082 | 2024-06-07 | SQL injection vulnerability in Music Store - WordPress eCommerce versions... |
| CVE-2024-5612 | 2024-06-07 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lightbox and Modal Widget |