Lista CVE - 2024 / Settembre
Visualizzazione 1201 - 1300 di 2518 CVE per Settembre 2024 (Pagina 13 di 26)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-8278 | 2024-09-13 | A privilege escalation vulnerability was discovered in XCC that could... |
| CVE-2024-8279 | 2024-09-13 | A privilege escalation vulnerability was discovered in XCC that could... |
| CVE-2024-8280 | 2024-09-13 | An input validation weakness was discovered in XCC that could... |
| CVE-2024-8281 | 2024-09-13 | An input validation weakness was discovered in XCC that could... |
| CVE-2024-45101 | 2024-09-13 | A privilege escalation vulnerability was discovered when Single Sign On... |
| CVE-2024-45103 | 2024-09-13 | A valid, authenticated LXCA user may be able to unmanage... |
| CVE-2024-45104 | 2024-09-13 | A valid, authenticated LXCA user without sufficient privileges may be... |
| CVE-2024-45105 | 2024-09-13 | An internal product security audit discovered a UEFI SMM (System... |
| CVE-2024-8782 | 2024-09-13 | JFinalCMS edit delete path traversal |
| CVE-2024-8783 | 2024-09-13 | OpenTibiaBR MyAAC Post Reply new_post.php cross site scripting |
| CVE-2024-8784 | 2024-09-13 | QDocs Smart School Management System Chat mynewuser sql injection |
| CVE-2024-5754 | 2024-09-13 | BT: Encryption procedure host vulnerability |
| CVE-2024-6258 | 2024-09-13 | BT: Missing length checks of net_buf in rfcomm_handle_data |
| CVE-2024-5931 | 2024-09-13 | BT: Unchecked user input in bap_broadcast_assistant |
| CVE-2024-6135 | 2024-09-13 | BT:Classic: Multiple missing buf length checks |
| CVE-2024-6137 | 2024-09-13 | BT: Classic: SDP OOB access in get_att_search_list |
| CVE-2024-6259 | 2024-09-13 | BT: HCI: adv_ext_report Improper discarding in adv_ext_report |
| CVE-2024-29779 | 2024-09-13 | there is a possible escalation of privilege due to an... |
| CVE-2024-44092 | 2024-09-13 | There is a possible LCS signing enforcement missing due to... |
| CVE-2024-44093 | 2024-09-13 | In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption... |
| CVE-2024-44094 | 2024-09-13 | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption... |
| CVE-2024-44095 | 2024-09-13 | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory... |
| CVE-2024-44096 | 2024-09-13 | there is a possible arbitrary read due to an insecure... |
| CVE-2022-3459 | 2024-09-14 | WooCommerce Multiple Free Gift <= 1.2.3 - Insufficient Server-Side Validation to Arbitrary Gift Adding |
| CVE-2024-8271 | 2024-09-14 | FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution |
| CVE-2024-8775 | 2024-09-14 | Ansible-core: exposure of sensitive information in ansible vault files due to improper logging |
| CVE-2024-8246 | 2024-09-14 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.11 - Authenticated (Contributor+) Privilege Escalation |
| CVE-2024-8479 | 2024-09-14 | Simple Spoiler 1.2 - 1.3 - Unauthenticated Arbitrary Shortcode Execution |
| CVE-2024-8724 | 2024-09-14 | Waitlist Woocommerce ( Back in stock notifier ) <= 2.7.5 - Reflected Cross-Site Scripting |
| CVE-2024-8039 | 2024-09-14 | Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer)... |
| CVE-2024-8669 | 2024-09-14 | Backuply – Backup, Restore, Migrate and Clone <= 1.3.4 - Authenticated (Admin+) SQL Injection |
| CVE-2024-8797 | 2024-09-14 | WP Booking System – Booking Calendar <= 2.0.19.8 - Reflected Cross-Site Scripting |
| CVE-2023-3410 | 2024-09-14 | Bricks <= 1.10.1 - Authenticated (Bricks Page Builder Access+) Stored Cross-Site Scripting |
| CVE-2024-6482 | 2024-09-14 | Login with phone number <= 1.7.49 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation |
| CVE-2024-8862 | 2024-09-14 | h2oai h2o-3 JDBC Connection 1 getConnectionSafe deserialization |
| CVE-2024-8863 | 2024-09-14 | aimhubio aim Text Explorer textbox.tsx dangerouslySetInnerHTML cross site scripting |
| CVE-2024-46938 | 2024-09-15 | An issue was discovered in Sitecore Experience Platform (XP), Experience... |
| CVE-2024-46918 | 2024-09-15 | app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org... |
| CVE-2024-46942 | 2024-09-15 | In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a... |
| CVE-2024-46943 | 2024-09-15 | An issue was discovered in OpenDaylight Authentication, Authorization and Accounting... |
| CVE-2024-8864 | 2024-09-15 | composiohq composio calculator.py Calculator code injection |
| CVE-2024-8865 | 2024-09-15 | composiohq composio api.py path path traversal |
| CVE-2024-8866 | 2024-09-15 | AutoCMS robot.php cross site scripting |
| CVE-2024-8867 | 2024-09-15 | Perfex CRM Parameter Clients.php cross site scripting |
| CVE-2024-8868 | 2024-09-15 | code-projects Crud Operation System savedata.php sql injection |
| CVE-2024-45460 | 2024-09-15 | WordPress Flipping Cards plugin <= 1.30 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-45459 | 2024-09-15 | WordPress Product Slider for WooCommerce by PickPlugins plugin <= 1.13.50 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-45458 | 2024-09-15 | WordPress Spiffy Calendar plugin <= 4.9.13 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-45457 | 2024-09-15 | WordPress Spiffy Calendar plugin <= 4.9.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-45456 | 2024-09-15 | WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-45455 | 2024-09-15 | WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44063 | 2024-09-15 | WordPress Happyforms plugin <= 1.26.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44062 | 2024-09-15 | WordPress Custom Field Template plugin <= 2.6.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44060 | 2024-09-15 | WordPress filmix theme <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44059 | 2024-09-15 | WordPress Custom Query Blocks plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44058 | 2024-09-15 | WordPress Parabola theme <= 2.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44057 | 2024-09-15 | WordPress Nirvana theme <= 1.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44056 | 2024-09-15 | WordPress Mantra theme <= 3.3.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44054 | 2024-09-15 | WordPress Fluida theme <= 1.8.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44053 | 2024-09-15 | WordPress Opor Ayam theme <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-8869 | 2024-09-15 | TOTOLINK A720R exportOvpn os command injection |
| CVE-2024-8875 | 2024-09-15 | vedees wcms finder.php path traversal |
| CVE-2024-8876 | 2024-09-15 | xiaohe4966 TpMeCMS lang path traversal |
| CVE-2023-45854 | 2024-09-16 | A Business Logic vulnerability in Shopkit 1.0 allows an attacker... |
| CVE-2024-42794 | 2024-09-16 | Kashipara Music Management System v1.0 is vulnerable to Incorrect Access... |
| CVE-2024-42795 | 2024-09-16 | An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and... |
| CVE-2024-42796 | 2024-09-16 | An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in... |
| CVE-2024-42798 | 2024-09-16 | An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and... |
| CVE-2024-44623 | 2024-09-16 | An issue in TuomoKu SPx-GC v.1.3.0 and before allows a... |
| CVE-2024-45413 | 2024-09-16 | The HTTPD binary in multiple ZTE routers has a stack-based... |
| CVE-2024-45414 | 2024-09-16 | The HTTPD binary in multiple ZTE routers has a stack-based... |
| CVE-2024-45415 | 2024-09-16 | The HTTPD binary in multiple ZTE routers has a stack-based... |
| CVE-2024-45416 | 2024-09-16 | The HTTPD binary in multiple ZTE routers has a local... |
| CVE-2024-46419 | 2024-09-16 | TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in... |
| CVE-2024-46424 | 2024-09-16 | TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in... |
| CVE-2024-46451 | 2024-09-16 | TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in... |
| CVE-2024-46937 | 2024-09-16 | An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint... |
| CVE-2024-46958 | 2024-09-16 | In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized... |
| CVE-2024-8880 | 2024-09-16 | playSMS Template index.php code injection |
| CVE-2024-8776 | 2024-09-16 | INTUMIT SmartRobot - Cross-site Scripting |
| CVE-2024-8777 | 2024-09-16 | The SYSCOM Group OMFLOW - Information Leakage |
| CVE-2024-8778 | 2024-09-16 | The SYSCOM Group OMFLOW - Arbitrary File Read |
| CVE-2024-8779 | 2024-09-16 | The SYSCOM Group OMFLOW - Broken Access Control |
| CVE-2024-8780 | 2024-09-16 | The SYSCOM Group OMFLOW - Improper Authorization for Data Query Function |
| CVE-2024-45694 | 2024-09-16 | D-Link WiFi router - Stack-based Buffer Overflow |
| CVE-2024-45695 | 2024-09-16 | D-Link WiFi router - Stack-based Buffer Overflow |
| CVE-2024-39613 | 2024-09-16 | RCE in desktop app in Windows by local attacker |
| CVE-2024-45833 | 2024-09-16 | Mobile password gets saved in dictionary under conditions |
| CVE-2024-45696 | 2024-09-16 | D-Link WiFi router - Hidden Functionality |
| CVE-2024-45697 | 2024-09-16 | D-Link WiFi router - Hidden Functionality |
| CVE-2024-45698 | 2024-09-16 | D-Link WiFi router - OS Command Injection |
| CVE-2024-1578 | 2024-09-16 | Multiple MiCard PLUS card reader dropped characters |
| CVE-2024-46970 | 2024-09-16 | In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the... |
| CVE-2024-22399 | 2024-09-16 | Apache Seata: Remote Code Execution vulnerability via Hessian Deserialization in Apache Seata Server |
| CVE-2024-39772 | 2024-09-16 | Silent Desktop Screenshot Capture |
| CVE-2024-45835 | 2024-09-16 | Insufficient Electron Fuses Configuration |
| CVE-2024-7098 | 2024-09-16 | XML Injection in SFS Consulting's ww.Winsure |
| CVE-2024-7104 | 2024-09-16 | Remote Code Execution in SFS Consulting's ww.Winsure |
| CVE-2024-6401 | 2024-09-16 | SQLi in SFS Consulting's InsureE GL |
| CVE-2024-38315 | 2024-09-16 | IBM Aspera Shares session fixation |