Lista CVE - 2024 / Agosto
Visualizzazione 2701 - 2800 di 2898 CVE per Agosto 2024 (Pagina 28 di 29)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-44779 | 2024-08-29 | A reflected cross-site scripting (XSS) vulnerability in the viewname parameter... |
| CVE-2024-44919 | 2024-08-29 | A cross-site scripting (XSS) vulnerability in the component admin_ads.php of... |
| CVE-2024-45435 | 2024-08-29 | Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend... |
| CVE-2024-45436 | 2024-08-29 | extractFromZipFile in model.go in Ollama before 0.1.47 can extract members... |
| CVE-2024-41349 | 2024-08-29 | unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2024-41358 | 2024-08-29 | phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2024-44716 | 2024-08-29 | A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers... |
| CVE-2024-44717 | 2024-08-29 | A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers... |
| CVE-2024-44776 | 2024-08-29 | An Open Redirect vulnerability in the page parameter of vTiger... |
| CVE-2024-44930 | 2024-08-29 | Serilog before v2.1.0 was discovered to contain a Client IP... |
| CVE-2024-45440 | 2024-08-29 | core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when... |
| CVE-2024-7857 | 2024-08-29 | Media Library Folders <= 8.2.2 - Authenticated (Subscriber+) Second-Order SQL Injection |
| CVE-2024-41918 | 2024-08-29 | 'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten... |
| CVE-2024-5857 | 2024-08-29 | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Deletion |
| CVE-2022-2440 | 2024-08-29 | Theme Editor <= 2.8 - Authenticated (Admin+) PHAR Deserialization |
| CVE-2024-7856 | 2024-08-29 | MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion |
| CVE-2024-7418 | 2024-08-29 | The Post Grid <= 7.7.11 - Authenticated (Contributor+) Information Disclosure |
| CVE-2024-38303 | 2024-08-29 | Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x,... |
| CVE-2024-7606 | 2024-08-29 | Front End Users <= 3.2.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-3944 | 2024-08-29 | WP To Do <= 1.3.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Task Comments |
| CVE-2024-5987 | 2024-08-29 | WP Accessibility Helper <= 0.6.2.8 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update |
| CVE-2024-7607 | 2024-08-29 | Front End Users <= 3.2.28 - Authenticated (Contributor+) Time-Based SQL Injection |
| CVE-2024-5417 | 2024-08-29 | Gutentor < 3.3.6 - Contributor+ Stored XSS |
| CVE-2024-6927 | 2024-08-29 | Viral Signup <= 2.1 - Admin+ Stored XSS |
| CVE-2024-7132 | 2024-08-29 | CoBlocks < 3.1.13 - Editor+ Stored XSS |
| CVE-2024-43700 | 2024-08-29 | xfpt versions prior to 1.01 fails to handle appropriately some... |
| CVE-2024-4428 | 2024-08-29 | Sensetive Data Exposure in Menulux Managment Portal |
| CVE-2024-38304 | 2024-08-29 | Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x,... |
| CVE-2024-5622 | 2024-08-29 | Untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL |
| CVE-2024-5623 | 2024-08-29 | Untrusted search path vulnerability in B&R APROL |
| CVE-2024-5624 | 2024-08-29 | Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL |
| CVE-2024-43986 | 2024-08-29 | WordPress E-cab taxi booking manager plugin <=1.0.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2021-4442 | 2024-08-29 | tcp: add sanity tests to TCP_QUEUE_SEQ |
| CVE-2024-29731 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29730 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29729 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29728 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29727 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29726 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29725 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29724 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-29723 | 2024-08-29 | Multiple vulnerabilities in SportsNET |
| CVE-2024-6551 | 2024-08-29 | GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure |
| CVE-2024-7895 | 2024-08-29 | Beaver Builder (Lite Version) <= 2.8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter |
| CVE-2024-8294 | 2024-08-29 | FeehiCMS index.php update unrestricted upload |
| CVE-2024-8295 | 2024-08-29 | FeehiCMS index.php createBanner unrestricted upload |
| CVE-2024-2541 | 2024-08-29 | Popup Builder <= 4.3.3 - Sensitive Information Exposure via Imported Subscribers CSV File |
| CVE-2024-8296 | 2024-08-29 | FeehiCMS index.php insert unrestricted upload |
| CVE-2024-1384 | 2024-08-29 | Premium Portfolio Features for Phlox theme <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-3679 | 2024-08-29 | Premium SEO Pack – WP SEO Plugin <= 1.6.001 - Unauthenticated Information Exposure |
| CVE-2024-8297 | 2024-08-29 | kitsada8621 Digital Library Management System jwt_refresh_token_middleware.go JwtRefreshAuth neutralization for logs |
| CVE-2024-8301 | 2024-08-29 | dingfanzu CMS checkin.php sql injection |
| CVE-2024-1056 | 2024-08-29 | Funnel Kit Funnel Builder PRO <= 3.4.5 Authenticated(Contributor+) Stored Cross-Site Scripting via allow_iframe_tag_in_post |
| CVE-2024-8302 | 2024-08-29 | dingfanzu CMS chpwd.php sql injection |
| CVE-2024-5057 | 2024-08-29 | WordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerability |
| CVE-2024-38693 | 2024-08-29 | WordPress WP User Frontend plugin <= 4.0.7 - SQL Injection vulnerability |
| CVE-2024-38793 | 2024-08-29 | WordPress Best Restaurant Menu by Pricelisto plugin <= 1.4.1 - SQL Injection vulnerability |
| CVE-2024-38795 | 2024-08-29 | WordPress ListingPro plugin <= 2.9.4 - Unauthenticated SQL Injection vulnerability |
| CVE-2024-39620 | 2024-08-29 | WordPress ListingPro plugin <= 2.9.4 - SQL Injection vulnerability |
| CVE-2024-39622 | 2024-08-29 | WordPress ListingPro theme <= 2.9.4 - Unauthenticated SQL Injection vulnerability |
| CVE-2024-39638 | 2024-08-29 | WordPress Registrations for the Events Calendar plugin <= 2.12.2 - SQL Injection vulnerability |
| CVE-2024-39653 | 2024-08-29 | WordPress VikRentCar Car Rental Management System plugin <= 1.4.0 - SQL Injection vulnerability |
| CVE-2024-8303 | 2024-08-29 | dingfanzu CMS getBasicInfo.php sql injection |
| CVE-2024-8304 | 2024-08-29 | jpress Template Module edit path traversal |
| CVE-2024-39658 | 2024-08-29 | WordPress Salon Booking System plugin <= 10.7 - Authenticated SQL Injection vulnerability |
| CVE-2024-43132 | 2024-08-29 | WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated SQL Injection vulnerability |
| CVE-2024-43144 | 2024-08-29 | WordPress Cost Calculator Builder plugin <= 3.2.15 - SQL Injection vulnerability |
| CVE-2024-43917 | 2024-08-29 | WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability |
| CVE-2024-43918 | 2024-08-29 | WordPress WBW Product Table PRO plugin <= 1.9.4 - Unauthenticated Arbitrary SQL Query Execution vulnerability |
| CVE-2024-43922 | 2024-08-29 | WordPress NitroPack plugin <= 1.16.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability |
| CVE-2024-43931 | 2024-08-29 | WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - PHP Object Injection vulnerability |
| CVE-2024-43939 | 2024-08-29 | WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Arbitrary Option Deletion vulnerability |
| CVE-2024-43940 | 2024-08-29 | WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Plugin Settings Change vulnerability |
| CVE-2024-43941 | 2024-08-29 | WordPress Propovoice Pro plugin <= 1.7.0.3 - Unauthenticated SQL Injection vulnerability |
| CVE-2024-43942 | 2024-08-29 | WordPress Greenshift Query and Meta Addon plugin < 3.9.2 - Subscriber+ SQL Injection vulnerability |
| CVE-2024-43943 | 2024-08-29 | WordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerability |
| CVE-2024-43944 | 2024-08-29 | WordPress Maintenance & Coming Soon Redirect Animation plugin <= 2.1.3 - IP Bypass vulnerability |
| CVE-2024-43954 | 2024-08-29 | WordPress Droip plugin <= 1.1.1 - Subscriber+ Settings Change/Data Exposure Vulnerability |
| CVE-2024-8255 | 2024-08-29 | Path Traversal in Ocean Data Systems Dream Report |
| CVE-2024-43955 | 2024-08-29 | WordPress Droip plugin <= 1.1.1 - Unauthenticated Arbitrary File Download/Deletion vulnerability |
| CVE-2024-35118 | 2024-08-29 | IBM MaaS360 information disclosure |
| CVE-2024-43957 | 2024-08-29 | WordPress Animated Number Counters plugin <= 1.9 - Editor+ Limited Local File Inclusion vulnerability |
| CVE-2024-43965 | 2024-08-29 | WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability |
| CVE-2024-41964 | 2024-08-29 | Insufficient permission checks in the language settings in Kirby CMS |
| CVE-2024-35133 | 2024-08-29 | IBM Security Verify Access HTTP open redirect |
| CVE-2024-43804 | 2024-08-29 | OS Command Injection via Port Scan Functionality in Roxy-WI |
| CVE-2024-45045 | 2024-08-29 | JavaScript Injection via url encoded values in links in Collabora Office Android |
| CVE-2024-45056 | 2024-08-29 | `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc |
| CVE-2024-43964 | 2024-08-29 | WordPress DSGVO All in one for WP plugin <= 4.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43963 | 2024-08-29 | WordPress Visual CSS Style Editor plugin <= 7.6.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43961 | 2024-08-29 | WordPress azurecurve Toggle Show/Hide plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43960 | 2024-08-29 | WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.4.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43958 | 2024-08-29 | WordPress Into The Dark theme <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43953 | 2024-08-29 | WordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43952 | 2024-08-29 | WordPress Esotera theme <= 1.2.5.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43951 | 2024-08-29 | WordPress Tempera theme <= 1.8.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43950 | 2024-08-29 | WordPress Brickscore plugin <= 1.4.2.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43949 | 2024-08-29 | WordPress GHActivity plugin <= 2.0.0-alpha - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43948 | 2024-08-29 | WordPress WP Armour Extended plugin <= 1.26 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-43946 | 2024-08-29 | WordPress SKT Blocks plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability |