Lista CVE - 2024 / Settembre
Visualizzazione 901 - 1000 di 2518 CVE per Settembre 2024 (Pagina 10 di 26)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-8306 | 2024-09-11 | CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized... |
| CVE-2024-45009 | 2024-09-11 | mptcp: pm: only decrement add_addr_accepted for MPJ req |
| CVE-2024-45010 | 2024-09-11 | mptcp: pm: only mark 'subflow' endp as available |
| CVE-2024-45011 | 2024-09-11 | char: xillybus: Check USB endpoints when probing device |
| CVE-2024-45012 | 2024-09-11 | nouveau/firmware: use dma non-coherent allocator |
| CVE-2024-45013 | 2024-09-11 | nvme: move stopping keep-alive into nvme_uninit_ctrl() |
| CVE-2024-45014 | 2024-09-11 | s390/boot: Avoid possible physmem_info segment corruption |
| CVE-2024-45015 | 2024-09-11 | drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() |
| CVE-2024-45016 | 2024-09-11 | netem: fix return value if duplicate enqueue fails |
| CVE-2024-45017 | 2024-09-11 | net/mlx5: Fix IPsec RoCE MPV trace call |
| CVE-2024-45018 | 2024-09-11 | netfilter: flowtable: initialise extack before use |
| CVE-2024-45019 | 2024-09-11 | net/mlx5e: Take state lock during tx timeout reporter |
| CVE-2024-45020 | 2024-09-11 | bpf: Fix a kernel verifier crash in stacksafe() |
| CVE-2024-45021 | 2024-09-11 | memcg_write_event_control(): fix a user-triggerable oops |
| CVE-2024-45022 | 2024-09-11 | mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 |
| CVE-2024-45023 | 2024-09-11 | md/raid1: Fix data corruption for degraded array with slow disk |
| CVE-2024-45024 | 2024-09-11 | mm/hugetlb: fix hugetlb vs. core-mm PT locking |
| CVE-2024-45025 | 2024-09-11 | fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE |
| CVE-2024-45026 | 2024-09-11 | s390/dasd: fix error recovery leading to data corruption on ESE devices |
| CVE-2024-45027 | 2024-09-11 | usb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup() |
| CVE-2024-45028 | 2024-09-11 | mmc: mmc_test: Fix NULL dereference on allocation failure |
| CVE-2024-45029 | 2024-09-11 | i2c: tegra: Do not mark ACPI devices as irq safe |
| CVE-2024-45030 | 2024-09-11 | igb: cope with large MAX_SKB_FRAGS |
| CVE-2024-46672 | 2024-09-11 | wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion |
| CVE-2024-5760 | 2024-09-11 | The Samsung Universal Print Driver for Windows is potentially vulnerable... |
| CVE-2024-7312 | 2024-09-11 | REST Interface Link Redirection via Host parameter |
| CVE-2024-39378 | 2024-09-11 | Audition | Out-of-bounds Write (CWE-787) |
| CVE-2024-41868 | 2024-09-11 | Audition | Out-of-bounds Read (CWE-125) |
| CVE-2024-8097 | 2024-09-11 | Sensitive information exposure when the org.glassfish.admingui LOGGER is set to FINEST level |
| CVE-2024-8686 | 2024-09-11 | PAN-OS: Command Injection Vulnerability |
| CVE-2024-20343 | 2024-09-11 | Cisco IOS XR Software CLI Arbitrary File Read Vulnerability |
| CVE-2024-20390 | 2024-09-11 | Cisco IOS XR Software Dedicated XML Agent TCP Denial of Service Vulnerability |
| CVE-2024-20398 | 2024-09-11 | Cisco IOS XR Software Local Privilege Escalation Vulnerability |
| CVE-2024-20317 | 2024-09-11 | Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability |
| CVE-2024-20381 | 2024-09-11 | Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability |
| CVE-2024-20406 | 2024-09-11 | Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability |
| CVE-2024-20483 | 2024-09-11 | Cisco IOS XR PON Controller Command Injection Vulnerabilities |
| CVE-2024-20489 | 2024-09-11 | Cisco Routed Passive Optical Network Cleartext Password Vulnerability |
| CVE-2024-20304 | 2024-09-11 | Cisco IOS XR Software Packet Memory Exhaustion Vulnerability |
| CVE-2024-8687 | 2024-09-11 | PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes |
| CVE-2024-8688 | 2024-09-11 | PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI) |
| CVE-2024-8689 | 2024-09-11 | ActiveMQ Content Pack: Cleartext Exposure of Credentials |
| CVE-2024-8690 | 2024-09-11 | Cortex XDR Agent: Local Windows Administrator Can Disable the Agent |
| CVE-2024-8691 | 2024-09-11 | PAN-OS: User Impersonation in GlobalProtect Portal |
| CVE-2024-8692 | 2024-09-11 | TDuckCloud TDuckPro password recovery |
| CVE-2024-8693 | 2024-09-11 | Kaon CG3000 dhcpcd Command cross site scripting |
| CVE-2024-8694 | 2024-09-11 | JFinalCMS com.cms.controller.admin.TemplateController update path traversal |
| CVE-2024-7889 | 2024-09-11 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges |
| CVE-2024-8705 | 2024-09-11 | Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System UCCGSrv.asmx GetDataKindByType sql injection |
| CVE-2024-7890 | 2024-09-11 | Local privilege escalation allows a low-privileged user to gain SYSTEM privileges |
| CVE-2024-28981 | 2024-09-11 | Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials |
| CVE-2024-8706 | 2024-09-11 | JFinalCMS com.cms.util.TemplateUtils update path traversal |
| CVE-2020-24061 | 2024-09-12 | Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control... |
| CVE-2024-34334 | 2024-09-12 | ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL... |
| CVE-2024-34335 | 2024-09-12 | ORDAT FOSS-Online before version 2.24.01 was discovered to contain a... |
| CVE-2024-34336 | 2024-09-12 | User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers... |
| CVE-2024-40457 | 2024-09-12 | No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that... |
| CVE-2024-41629 | 2024-09-12 | An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1... |
| CVE-2024-44459 | 2024-09-12 | A memory allocation issue in vernemq v2.0.1 allows attackers to... |
| CVE-2024-44460 | 2024-09-12 | An invalid read size in Nanomq v0.21.9 allows attackers to... |
| CVE-2024-45181 | 2024-09-12 | An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before... |
| CVE-2024-45182 | 2024-09-12 | An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before... |
| CVE-2024-25270 | 2024-09-12 | An issue in Mirapolis LMS 4.6.XX allows authenticated users to... |
| CVE-2024-36066 | 2024-09-12 | The CMP CLI client in KeyFactor EJBCA before 8.3.1 has... |
| CVE-2024-8707 | 2024-09-12 | 云课网络科技有限公司 Yunke Online School System Appadmin.php downfile path traversal |
| CVE-2024-32842 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-32845 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-32846 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-32843 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-34785 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-32848 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-37397 | 2024-09-12 | An External XML Entity (XXE) vulnerability in the provisioning web... |
| CVE-2024-34779 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-29847 | 2024-09-12 | Deserialization of untrusted data in the agent portal of Ivanti... |
| CVE-2024-34783 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-32840 | 2024-09-12 | An unspecified SQL injection in Ivanti EPM before 2022 SU6,... |
| CVE-2024-8708 | 2024-09-12 | SourceCodester Best House Rental Management System categories.php cross site scripting |
| CVE-2024-8709 | 2024-09-12 | SourceCodester Best House Rental Management System admin_class.php save_user sql injection |
| CVE-2024-8710 | 2024-09-12 | code-projects Inventory Management Products Table Page viewProduct.php sql injection |
| CVE-2024-38222 | 2024-09-12 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2024-8711 | 2024-09-12 | SourceCodester Food Ordering Management System includes exposure of information through directory listing |
| CVE-2024-45624 | 2024-09-12 | Exposure of sensitive information due to incompatible policies issue exists... |
| CVE-2024-3163 | 2024-09-12 | Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF |
| CVE-2024-5799 | 2024-09-12 | CM Pop-Up Banners for WordPress < 1.7.3 - Contributor+ Stored XSS |
| CVE-2024-6017 | 2024-09-12 | Music Request Manager <= 1.3 - Stored XSS via CSRF |
| CVE-2024-6018 | 2024-09-12 | Music Request Manager <= 1.3 - Reflected XSS |
| CVE-2024-6019 | 2024-09-12 | Music Request Manager <= 1.3 - Unauthenticated Stored XSS |
| CVE-2024-6887 | 2024-09-12 | Giveaways and Contests by RafflePress < 1.12.16 - Editor+ Stored XSS |
| CVE-2024-7766 | 2024-09-12 | Adicon Server <= 1.2 - Admin+ SQL Injection |
| CVE-2024-7816 | 2024-09-12 | Gixaw Chat <= 1.0 - Stored XSS via CSRF |
| CVE-2024-7817 | 2024-09-12 | Misiek Photo Album <= 1.4.3 - Album Deletion via CSRF |
| CVE-2024-7818 | 2024-09-12 | Misiek Photo Album <= 1.4.3 - Stored XSS via CSRF |
| CVE-2024-7820 | 2024-09-12 | ILC Thickbox <= 1.0 - Settings update via CSRF |
| CVE-2024-7822 | 2024-09-12 | Quick Code <= 1.0 - Stored XSS via CSRF |
| CVE-2024-7859 | 2024-09-12 | Visual Sound <= 1.03 - Settings Update via CSRF |
| CVE-2024-7860 | 2024-09-12 | Simple Headline Rotator <= 1.0 - Stored XSS via CSRF |
| CVE-2024-7861 | 2024-09-12 | Misiek Paypal <= 1.1.20090324 - Stored XSS via CSRF |
| CVE-2024-7862 | 2024-09-12 | Blog Introduction <= 0.3.0 - Settings Update via CSRF |
| CVE-2024-8054 | 2024-09-12 | MM-Breaking News <= 0.7.9 - Stored XSS via CSRF |
| CVE-2024-8056 | 2024-09-12 | MM-Breaking News <= 0.7.9 - Reflected XSS |