Lista CVE - 2024 / Settembre

Visualizzazione 2401 - 2500 di 2518 CVE per Settembre 2024 (Pagina 25 di 26)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2024-38308	2024-09-27	Advantech ADAM-5550 Cross-site Scripting
CVE-2024-39275	2024-09-27	Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information
CVE-2024-28948	2024-09-27	Advantech ADAM-5630 Cross-Site Request Forgery
CVE-2024-9301	2024-09-27	A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b14410c6ed395e9cfb9250a
CVE-2024-34542	2024-09-27	Advantech ADAM-5630 Weak Encoding for Password
CVE-2024-39364	2024-09-27	Advantech ADAM-5630 Missing Authentication for Critical Function
CVE-2024-9160	2024-09-27	Security Misconfiguration in Forge module PEADM
CVE-2024-6436	2024-09-27	Rockwell Automation Input Validation Vulnerability exists in the SequenceManager™ Server
CVE-2024-9291	2024-09-27	kalvinGit kvf-admin XML File cross site scripting
CVE-2024-9293	2024-09-27	skyselang yylAdmin Backend File.php list sql injection
CVE-2024-47186	2024-09-27	Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting
CVE-2024-23586	2024-09-27	An insufficient session timeout vulnerability affects HCL Nomad server on Domino
CVE-2024-9294	2024-09-27	dingfanzu CMS saveNewPwd.php sql injection
CVE-2024-38796	2024-09-27	Integer overflow in PeCoffLoaderRelocateImage
CVE-2024-8547	2024-09-28	Simple Popup Plugin <= 4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-8788	2024-09-28	EU/UK VAT Manager for WooCommerce <= 2.12.12 - Reflected Cross-Site Scripting
CVE-2024-9023	2024-09-28	WP-WebAuthn <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wwa_login_form Shortcode
CVE-2024-8353	2024-09-28	GiveWP – Donation Plugin and Fundraising Platform <= 3.16.1 - Unauthenticated PHP Object Injection
CVE-2024-9189	2024-09-28	EU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing Authorization
CVE-2024-8715	2024-09-28	Simple LDAP Login <= 1.6.0 - Reflected Cross-Site Scripting
CVE-2024-23938	2024-09-28	Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-23957	2024-09-28	Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-23958	2024-09-28	Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability
CVE-2024-23967	2024-09-28	Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-23935	2024-09-28	Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-23959	2024-09-28	Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-23961	2024-09-28	Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability
CVE-2024-23924	2024-09-28	Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability
CVE-2024-23960	2024-09-28	Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability
CVE-2024-23923	2024-09-28	Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability
CVE-2024-9295	2024-09-28	SourceCodester Advocate Office Management System login.php sql injection
CVE-2024-8712	2024-09-28	GTM Server Side <= 2.1.19 - Reflected Cross-Site Scripting
CVE-2024-9296	2024-09-28	SourceCodester Advocate Office Management System forgot_pass.php sql injection
CVE-2024-9297	2024-09-28	SourceCodester Online Railway Reservation System admin improper authorization
CVE-2024-8189	2024-09-28	WP MultiTasking - WP Utilities <= 0.1.17 - Authenticated (Administrator+) Stored Cross-Site Scripting
CVE-2024-9298	2024-09-28	SourceCodester Online Railway Reservation System Ticket ?page=tickets access control
CVE-2024-9299	2024-09-28	SourceCodester Online Railway Reservation System ?page=reserve cross site scripting
CVE-2024-9300	2024-09-28	SourceCodester Online Railway Reservation System Message Us Form contact_us.php cross site scripting
CVE-2024-9315	2024-09-28	SourceCodester Employee and Visitor Gate Pass Logging System manage_department.php sql injection
CVE-2024-9316	2024-09-28	code-projects Blood Bank Management System B+.php sql injection
CVE-2024-9317	2024-09-28	SourceCodester Online Eyewear Shop Master.php delete_category sql injection
CVE-2024-9318	2024-09-28	SourceCodester Advocate Office Management System activate.php sql injection
CVE-2024-9319	2024-09-28	SourceCodester Online Timesheet App delete-timesheet.php sql injection
CVE-2024-9320	2024-09-29	SourceCodester Online Timesheet App Add Timesheet Form add-timesheet.php cross site scripting
CVE-2024-9321	2024-09-29	SourceCodester Online Railway Reservation System view_details.php access control
CVE-2024-9322	2024-09-29	code-projects Supply Chain Management edit_manufacturer.php sql injection
CVE-2024-9323	2024-09-29	SourceCodester Inventory Management System add_staff.php cross site scripting
CVE-2024-9324	2024-09-29	Intelbras InControl Relatório de Operadores Page operador code injection
CVE-2024-9325	2024-09-29	Intelbras InControl incontrol-service-watchdog.exe unquoted search path
CVE-2024-9326	2024-09-29	PHPGurukul Online Shopping Portal Admin Panel index.php sql injection
CVE-2024-9327	2024-09-29	code-projects Blood Bank System forgot.php sql injection
CVE-2024-9328	2024-09-29	SourceCodester Advocate Office Management System edit_client.php sql injection
CVE-2024-28807	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext...
CVE-2024-28808	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. Hidden...
CVE-2024-28809	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext...
CVE-2024-28810	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive...
CVE-2024-28811	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. A...
CVE-2024-28812	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. A...
CVE-2024-28813	2024-09-30	An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented...
CVE-2024-35495	2024-09-30	An Information Disclosure vulnerability in the Telemetry component in TP-Link...
CVE-2024-42017	2024-09-30	An issue was discovered in Atos Eviden iCare 2.7.1 through...
CVE-2024-45200	2024-09-30	In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN...
CVE-2024-45920	2024-09-30	A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows...
CVE-2024-45993	2024-09-30	Giflib Project v5.2.2 is vulnerable to a heap buffer overflow...
CVE-2024-46280	2024-09-30	PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The...
CVE-2024-46293	2024-09-30	Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect...
CVE-2024-46313	2024-09-30	TP-Link WR941ND V6 has a stack overflow vulnerability in the...
CVE-2024-46475	2024-09-30	A reflected cross-site scripting (XSS) vulnerability on the homepage of...
CVE-2024-46510	2024-09-30	ESAFENET CDG v5 was discovered to contain a SQL injection...
CVE-2024-46511	2024-09-30	LoadZilla LLC LoadLogic v1.4.3 was discovered to contain insecure permissions...
CVE-2024-46540	2024-09-30	A remote code execution (RCE) vulnerability in the component /admin/store.php...
CVE-2024-46548	2024-09-30	TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to...
CVE-2024-46549	2024-09-30	An issue in the TP-Link MQTT Broker and API gateway...
CVE-2024-46635	2024-09-30	An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before...
CVE-2024-3635	2024-09-30	The Post Grid < 7.5.0 - Editor+ Stored XSS via Grid Creation
CVE-2024-8239	2024-09-30	Starbox < 3.5.3 - Contributor+ Stored XSS
CVE-2024-8283	2024-09-30	Slider by 10Web < 1.2.59 - Admin+ Stored XSS
CVE-2024-8379	2024-09-30	Cost Calculator Builder < 3.2.29 - Admin+ SQL Injection
CVE-2024-8536	2024-09-30	Ultimate Blocks < 3.2.2 - Contributor+ Stored XSS
CVE-2024-8448	2024-09-30	PLANET Technology switch devices - Remote privilege escalation using hard-coded credentials
CVE-2024-8449	2024-09-30	PLANET Technology switch devices - Local users' passwords recovery through hard-coded credentials
CVE-2024-8450	2024-09-30	PLANET Technology switch devices - Hard-coded SNMPv1 read-write community string
CVE-2024-8451	2024-09-30	PLANET Technology switch devices - SSH server DoS attack
CVE-2024-8452	2024-09-30	PLANET Technology switch devices - Insecure hash functions used for SNMPv3 credentials
CVE-2024-9329	2024-09-30	Glassfish redirect to untrusted site
CVE-2024-8453	2024-09-30	PLANET Technology switch devices - Weak hash for users' passwords
CVE-2024-8454	2024-09-30	PLANET Technology switch devices - Swctrl service DoS attack
CVE-2024-8455	2024-09-30	PLANET Technology switch devices - Swctrl service exchanges weakly encoded passwords
CVE-2024-8456	2024-09-30	PLANET Technology switch devices - Missing Authentication for multiple HTTP routes
CVE-2024-8457	2024-09-30	PLANET Technology switch devices - Stored cross-site scripting (XSS) in the User Management
CVE-2024-8458	2024-09-30	PLANET Technology switch devices - Cross-site Request Forgery
CVE-2024-41999	2024-09-30	Smart-tab Android app installed April 2023 or earlier contains an...
CVE-2024-42496	2024-09-30	Smart-tab Android app installed April 2023 or earlier contains an...
CVE-2024-8459	2024-09-30	PLANET Technology switch devices - Cleartext storage of SNMPv3 users' passwords
CVE-2024-6394	2024-09-30	Local File Inclusion in parisneo/lollms-webui
CVE-2024-45772	2024-09-30	Apache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue
CVE-2024-47641	2024-09-30	WordPress Confetti Fall Animation plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-6051	2024-09-30	Cross Application Scripting in Redlink SDK
CVE-2024-45792	2024-09-30	MantisBT vulnerable to information disclosure with user profiles
CVE-2024-47063	2024-09-30	Computer Vision Annotation Tool (CVAT) contains a stored XSS via the quality report data endpoint