Lista CVE - 2024 / Luglio
Visualizzazione 2101 - 2200 di 3117 CVE per Luglio 2024 (Pagina 22 di 32)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-6960 | 2024-07-21 | H2O deserializes ML models without filtering, potentially allowing execution of malicious code |
| CVE-2024-6949 | 2024-07-21 | Gargaj wuhu path traversal |
| CVE-2024-6950 | 2024-07-21 | Prain HTTP POST Request ?import code injection |
| CVE-2024-6961 | 2024-07-21 | XXE in Guardrails AI when consuming RAIL documents |
| CVE-2024-6951 | 2024-07-21 | SourceCodester Simple Online Book Store System admin_delete.php sql injection |
| CVE-2024-6952 | 2024-07-21 | itsourcecode University Management System sql injection |
| CVE-2024-6953 | 2024-07-21 | itsourcecode Tailoring Management System sms.php sql injection |
| CVE-2024-6954 | 2024-07-21 | SourceCodester Record Management System sort1.php cross site scripting |
| CVE-2024-6955 | 2024-07-21 | SourceCodester Record Management System sort2.php cross site scripting |
| CVE-2024-6956 | 2024-07-21 | itsourcecode University Management System view_cgpa.php sql injection |
| CVE-2024-6957 | 2024-07-21 | itsourcecode University Management System Login functions.php sql injection |
| CVE-2024-6958 | 2024-07-21 | itsourcecode University Management System Avatar File st_update.php unrestricted upload |
| CVE-2024-38786 | 2024-07-21 | WordPress CoziPress theme <= 1.0.30 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38785 | 2024-07-21 | WordPress Gutenverse plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38784 | 2024-07-21 | WordPress Livemesh Addons for Beaver Builder plugin <= 3.6.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38782 | 2024-07-21 | WordPress Leaflet Maps Marker plugin <= 3.12.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38781 | 2024-07-21 | WordPress CopySafe Web Protection plugin <= 3.15 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37485 | 2024-07-21 | WordPress bbPress Notify (No-Spam) plugin <= 2.18.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37480 | 2024-07-21 | WordPress Apollo13 Framework Extensions plugin <= 1.9.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37466 | 2024-07-21 | WordPress Mega Elements plugin <= 1.2.2 - Contributor+ Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37465 | 2024-07-21 | WordPress AI Power: Complete AI Pack – Powered by GPT-4 plugin <= 1.8.66 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37461 | 2024-07-21 | WordPress IdeaPush plugin <= 8.65 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37460 | 2024-07-21 | WordPress SuperSaaS – online appointment scheduling plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37459 | 2024-07-21 | WordPress PayPlus Payment Gateway plugin <= 6.6.8 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37457 | 2024-07-21 | WordPress Ultimate Blocks – WordPress Blocks Plugin plugin <= 3.1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37449 | 2024-07-21 | WordPress Slider Revolution plugin <= 6.7.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37447 | 2024-07-21 | WordPress PixelYourSite plugin <= 9.6.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37446 | 2024-07-21 | WordPress Chained Quiz plugin <= 1.3.2.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6962 | 2024-07-21 | Tenda O3 formQosSet stack-based overflow |
| CVE-2020-24102 | 2024-07-22 | Directory Traversal vulnerability in Punkbuster pbsv.d64 2.351, allows remote attackers... |
| CVE-2024-28698 | 2024-07-22 | Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0... |
| CVE-2024-38944 | 2024-07-22 | An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows... |
| CVE-2024-39250 | 2024-07-22 | EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL... |
| CVE-2024-40051 | 2024-07-22 | IP Guard v4.81.0307.0 was discovered to contain an arbitrary file... |
| CVE-2024-40075 | 2024-07-22 | Laravel v11.x was discovered to contain an XML External Entity... |
| CVE-2024-40502 | 2024-07-22 | SQL injection vulnerability in Hospital Management System Project in ASP.Net... |
| CVE-2024-41314 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41315 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41316 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41317 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41318 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41320 | 2024-07-22 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection... |
| CVE-2024-41703 | 2024-07-22 | LibreChat through 0.7.4-rc1 has incorrect access control for message updates. |
| CVE-2024-41704 | 2024-07-22 | LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of... |
| CVE-2024-41880 | 2024-07-22 | In veilid-core in Veilid before 0.3.4, the protocol's ping function... |
| CVE-2024-24507 | 2024-07-22 | Cross Site Scripting vulnerability in Act-On 2023 allows a remote... |
| CVE-2024-34329 | 2024-07-22 | Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5... |
| CVE-2024-37391 | 2024-07-22 | ProtonVPN before 3.2.10 on Windows mishandles the drive installer path,... |
| CVE-2024-41709 | 2024-07-22 | Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not... |
| CVE-2024-6963 | 2024-07-22 | Tenda O3 formexeCommand stack-based overflow |
| CVE-2024-6964 | 2024-07-22 | Tenda O3 fromDhcpSetSer stack-based overflow |
| CVE-2024-6965 | 2024-07-22 | Tenda O3 fromVirtualSet stack-based overflow |
| CVE-2024-6966 | 2024-07-22 | itsourcecode Online Blood Bank Management System Login login.php sql injection |
| CVE-2024-6967 | 2024-07-22 | SourceCodester Employee and Visitor Gate Pass Logging System sql injection |
| CVE-2024-6968 | 2024-07-22 | SourceCodester Clinics Patient Management System print_patients_visits.php sql injection |
| CVE-2024-6969 | 2024-07-22 | SourceCodester Clinics Patient Management System get_patient_history.php sql injection |
| CVE-2024-6970 | 2024-07-22 | itsourcecode Tailoring Management System staffcatadd.php sql injection |
| CVE-2024-5004 | 2024-07-22 | CM Popup Plugin for WordPress < 1.6.6 - Contributor+ Stored XSS |
| CVE-2024-5529 | 2024-07-22 | WP QuickLaTeX < 3.8.8 - Admin+ Stored XSS |
| CVE-2024-5973 | 2024-07-22 | MasterStudy LMS < 3.3.24 - Privilege Escalation to Instructor |
| CVE-2024-6243 | 2024-07-22 | HTML Forms < 1.3.33 - Admin+ Stored XSS |
| CVE-2024-6244 | 2024-07-22 | pz-frontend-manager < 1.0.6 - CSRF change user profile picture |
| CVE-2024-6271 | 2024-07-22 | Community Events < 1.5 - Event Deletion via CSRF |
| CVE-2024-37445 | 2024-07-22 | WordPress HTML5 Audio Player plugin <= 2.2.23 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37436 | 2024-07-22 | WordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37434 | 2024-07-22 | WordPress Atarim plugin <= 3.31 - Authenticated Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37433 | 2024-07-22 | WordPress Mailster plugin <= 4.0.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37432 | 2024-07-22 | WordPress Esteem theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37429 | 2024-07-22 | WordPress Login with phone number plugin <= 1.7.35 - Admin+ Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37428 | 2024-07-22 | WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37422 | 2024-07-22 | WordPress Progress Planner plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37416 | 2024-07-22 | WordPress WP Photo Album Plus plugin <= 8.8.00.002 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37414 | 2024-07-22 | WordPress Depicter Slider plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37409 | 2024-07-22 | WordPress PowerPack Lite for Beaver Builder plugin <= 1.3.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37278 | 2024-07-22 | WordPress Cards for Beaver Builder plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37275 | 2024-07-22 | WordPress NextScripts plugin <= 4.4.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37271 | 2024-07-22 | WordPress Print My Blog plugin <= 3.27.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37267 | 2024-07-22 | WordPress Striking theme <= 2.3.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37265 | 2024-07-22 | WordPress IdeaPush plugin <= 8.60 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37264 | 2024-07-22 | WordPress Groundhogg plugin <= 3.4.2.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37263 | 2024-07-22 | WordPress Enter Addons – Ultimate Template Builder for Elementor plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37262 | 2024-07-22 | WordPress Online Booking & Scheduling Calendar plugin <= 4.4.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37261 | 2024-07-22 | WordPress WP-Lister Lite for Amazon plugin <= 2.6.16 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37259 | 2024-07-22 | WordPress WP Extended plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37258 | 2024-07-22 | WordPress Social Rocket plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37257 | 2024-07-22 | WordPress Permalink Manager Lite plugin <= 2.4.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37246 | 2024-07-22 | WordPress Gallery Slideshow plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37245 | 2024-07-22 | WordPress All In One Redirection plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37244 | 2024-07-22 | WordPress Ninja Beaver Add-ons for Beaver Builder plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37239 | 2024-07-22 | WordPress Branda plugin <= 3.4.17 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37229 | 2024-07-22 | WordPress Blogmentor – Blog Layouts for Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37223 | 2024-07-22 | WordPress Restaurant Reservations plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37221 | 2024-07-22 | WordPress Kimili Flash Embed plugin <= 2.5.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37219 | 2024-07-22 | WordPress Page Builder Sandwich plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-23321 | 2024-07-22 | Apache RocketMQ: Unauthorized Exposure of Sensitive Data |
| CVE-2024-37217 | 2024-07-22 | WordPress Empty Cart Button for WooCommerce plugin <= 1.3.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37216 | 2024-07-22 | WordPress Sketchfab Embed plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37215 | 2024-07-22 | WordPress Transition Slider – Responsive Image Slider and Gallery plugin <= 2.20.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37211 | 2024-07-22 | WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37206 | 2024-07-22 | WordPress Demo Awesome plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |