Lista CVE - 2024 / Luglio
Visualizzazione 401 - 500 di 3117 CVE per Luglio 2024 (Pagina 5 di 32)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-6209 | 2024-07-05 | unauthorized file access |
| CVE-2024-6524 | 2024-07-05 | ShopXO Uploader.php server-side request forgery |
| CVE-2024-6525 | 2024-07-05 | D-Link DAR-7000 decodmail.php deserialization |
| CVE-2024-23588 | 2024-07-05 | A denial of service vulnerability affects HCL Nomad server on Domino |
| CVE-2024-6526 | 2024-07-05 | CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting |
| CVE-2024-39864 | 2024-07-05 | Apache CloudStack: Integration API service uses dynamic port when disabled |
| CVE-2024-38346 | 2024-07-05 | Apache CloudStack: Unauthenticated cluster service port leads to remote execution |
| CVE-2024-6505 | 2024-07-05 | Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss |
| CVE-2024-37903 | 2024-07-05 | Mastodon has improper authorship check on audience extension for existing posts |
| CVE-2024-39321 | 2024-07-05 | Traefik vulnerable to bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes |
| CVE-2024-39687 | 2024-07-05 | Fedify vulnerable to allowing access to internal network resources |
| CVE-2024-34361 | 2024-07-05 | Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE) |
| CVE-2024-39689 | 2024-07-05 | Certifi removes GLOBALTRUST root certificate |
| CVE-2024-39691 | 2024-07-05 | Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to |
| CVE-2024-39696 | 2024-07-05 | Evmos vulnerable to exploit of smart contract account and vesting |
| CVE-2024-5753 | 2024-07-05 | Local File Read (LFI) by Prompt Injection via Postgres SQL in vanna-ai/vanna |
| CVE-2024-40594 | 2024-07-06 | The OpenAI ChatGPT app before 2024-07-05 for macOS opts out... |
| CVE-2024-40597 | 2024-07-06 | An issue was discovered in the CheckUser extension for MediaWiki... |
| CVE-2024-40600 | 2024-07-06 | An issue was discovered in the Metrolook skin for MediaWiki... |
| CVE-2024-40601 | 2024-07-06 | An issue was discovered in the MediaWikiChat extension for MediaWiki... |
| CVE-2024-40596 | 2024-07-06 | An issue was discovered in the CheckUser extension for MediaWiki... |
| CVE-2024-40598 | 2024-07-06 | An issue was discovered in the CheckUser extension for MediaWiki... |
| CVE-2024-40599 | 2024-07-06 | An issue was discovered in the GuMaxDD skin for MediaWiki... |
| CVE-2024-40602 | 2024-07-06 | An issue was discovered in the Tempo skin for MediaWiki... |
| CVE-2024-40603 | 2024-07-06 | An issue was discovered in the ArticleRatings extension for MediaWiki... |
| CVE-2024-40604 | 2024-07-06 | An issue was discovered in the Nimbus skin for MediaWiki... |
| CVE-2024-40605 | 2024-07-06 | An issue was discovered in the Foreground skin for MediaWiki... |
| CVE-2024-5616 | 2024-07-06 | CSRF Vulnerability in mudler/LocalAI |
| CVE-2024-39486 | 2024-07-06 | drm/drm_file: Fix pid refcounting race |
| CVE-2024-37260 | 2024-07-06 | WordPress Foxiz Theme theme <= 2.3.5 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-37208 | 2024-07-06 | WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-37234 | 2024-07-06 | WordPress Academy LMS plugin <= 2.0.4 - Open Redirection vulnerability |
| CVE-2024-37539 | 2024-07-06 | WordPress WP To Do plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37541 | 2024-07-06 | WordPress Elementor Addons, Widgets and Enhancements – Stax plugin <= 1.4.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37542 | 2024-07-06 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability |
| CVE-2024-37546 | 2024-07-06 | WordPress Image Hover Effects for Elementor with Lightbox and Flipbox plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37547 | 2024-07-06 | WordPress Elementor Addons by Livemesh plugin <= 8.4.0 - Local File Inclusion vulnerability |
| CVE-2024-37553 | 2024-07-06 | WordPress Testimonials Widget plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37554 | 2024-07-06 | WordPress UltraAddons plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6095 | 2024-07-06 | SSRF and Partial LFI in /models/apply Endpoint in mudler/localai |
| CVE-2024-40614 | 2024-07-07 | EGroupware before 23.1.20240624 mishandles an ORDER BY clause. This leads... |
| CVE-2024-6229 | 2024-07-07 | Stored XSS in stangirard/quivr |
| CVE-2024-3651 | 2024-07-07 | Denial of Service via Quadratic Complexity in kjd/idna |
| CVE-2024-6539 | 2024-07-07 | heyewei SpringBootCMS Guestbook guestbook cross site scripting |
| CVE-2024-31504 | 2024-07-08 | Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12... |
| CVE-2024-39202 | 2024-07-08 | D-Link DIR-823X firmware - 240126 was discovered to contain a... |
| CVE-2024-39203 | 2024-07-08 | A cross-site scripting (XSS) vulnerability in the Backend Theme Management... |
| CVE-2024-5711 | 2024-07-08 | Stored XSS in stitionai/devika |
| CVE-2024-39723 | 2024-07-08 | IBM FlashSystem denial of service |
| CVE-2024-38330 | 2024-07-08 | IBM i privilege escalation |
| CVE-2024-31897 | 2024-07-08 | IBM Cloud Pak for Business Automation server-side request forgery |
| CVE-2024-37528 | 2024-07-08 | IBM Cloud Pak for Business Automation cross-site scripting |
| CVE-2024-34602 | 2024-07-08 | Use of implicit intent for sensitive communication in Samsung Messages... |
| CVE-2024-34603 | 2024-07-08 | Improper access control in Samsung Message prior to SMR Jul-2024... |
| CVE-2024-37389 | 2024-07-08 | Apache NiFi: Improper Neutralization of Input in Parameter Context Description |
| CVE-2024-27459 | 2024-07-08 | The interactive service in OpenVPN 2.6.9 and earlier allows an... |
| CVE-2024-24974 | 2024-07-08 | The interactive service in OpenVPN 2.6.9 and earlier allows the... |
| CVE-2024-27903 | 2024-07-08 | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could... |
| CVE-2024-37999 | 2024-07-08 | A vulnerability has been identified in Medicalis Workflow Orchestrator (All... |
| CVE-2024-6163 | 2024-07-08 | local IP restriction of internal HTTP endpoints |
| CVE-2024-39743 | 2024-07-08 | IBM MQ Container denial of service |
| CVE-2024-39742 | 2024-07-08 | IBM MQ Container authentication bypass |
| CVE-2024-4341 | 2024-07-08 | Information Disclosure in ExtremePacs's Extreme XDS |
| CVE-2024-25639 | 2024-07-08 | Prompt Injection triggered XSS vulnerability in Khoj Obsidian, Desktop and Web clients |
| CVE-2024-39308 | 2024-07-08 | RailsAdmin Cross-site Scripting vulnerability in the list view |
| CVE-2024-39677 | 2024-07-08 | NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities |
| CVE-2024-6563 | 2024-07-08 | Buffer Overflow Arbitrary Write |
| CVE-2024-39695 | 2024-07-08 | Exiv2 has an out-of-bounds read in AsfVideo::streamProperties |
| CVE-2024-6564 | 2024-07-08 | Buffer overflow in Rensas RCAR |
| CVE-2023-49867 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa formWsc... |
| CVE-2023-50330 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa getInfo... |
| CVE-2023-50381 | 2024-07-08 | Three os command injection vulnerabilities exist in the boa formWsc... |
| CVE-2023-50382 | 2024-07-08 | Three os command injection vulnerabilities exist in the boa formWsc... |
| CVE-2023-50383 | 2024-07-08 | Three os command injection vulnerabilities exist in the boa formWsc... |
| CVE-2023-50243 | 2024-07-08 | Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS... |
| CVE-2023-50244 | 2024-07-08 | Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS... |
| CVE-2023-41251 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa formRoute... |
| CVE-2023-50239 | 2024-07-08 | Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam... |
| CVE-2023-50240 | 2024-07-08 | Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam... |
| CVE-2023-47856 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam... |
| CVE-2023-45215 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid... |
| CVE-2023-49595 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa rollback_control_code... |
| CVE-2023-45742 | 2024-07-08 | An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality... |
| CVE-2023-48270 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa formDnsv6... |
| CVE-2023-49073 | 2024-07-08 | A stack-based buffer overflow vulnerability exists in the boa formFilter... |
| CVE-2023-49593 | 2024-07-08 | Leftover debug code exists in the boa formSysCmd functionality of... |
| CVE-2023-46685 | 2024-07-08 | A hard-coded password vulnerability exists in the telnetd functionality of... |
| CVE-2024-21778 | 2024-07-08 | A heap-based buffer overflow vulnerability exists in the configuration file... |
| CVE-2023-34435 | 2024-07-08 | A firmware update vulnerability exists in the boa formUpload functionality... |
| CVE-2023-47677 | 2024-07-08 | A cross-site request forgery (csrf) vulnerability exists in the boa... |
| CVE-2024-39699 | 2024-07-08 | Directus has a Blind SSRF On File Import |
| CVE-2024-23562 | 2024-07-08 | HCL Domino is susceptible to an information disclosure vulnerability |
| CVE-2024-34702 | 2024-07-08 | Botan has a Denial of Service Due to Excessive Name Constraints |
| CVE-2024-39312 | 2024-07-08 | Botan has an Authorization Error due to Name Constraint Decoding Bug |
| CVE-2024-39701 | 2024-07-08 | Directus Incorrectly handles _in` filter |
| CVE-2024-39895 | 2024-07-08 | Directus GraphQL Field Duplication Denial of Service (DoS) |
| CVE-2024-1305 | 2024-07-08 | tap-windows6 driver version 9.26 and earlier does not properly check... |
| CVE-2024-39896 | 2024-07-08 | Directus allows SSO User Enumeration |
| CVE-2024-4882 | 2024-07-08 | URL Redirection to Arbitrary Site Exists in Sitefinity |
| CVE-2024-6409 | 2024-07-08 | Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9 |