CVE-2024-0xxx

There are 938 CVE in this subgroup.
Last updated: 
← Back to 2024
ID Summary Flags Max Score
CVE-2024-0001 A condition exists in FlashArray Purity whereby a local account intended for initial array configura...
S
CVE-2024-0002 A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing...
S
CVE-2024-0003 A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative s...
S
CVE-2024-0004 A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary ...
S
CVE-2024-0005 A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitr...
S
CVE-2024-0006 DB User Password Leak in Application Log
S
CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
S
CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface
S
CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
S
CVE-2024-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal
S
CVE-2024-0011 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
S
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)
KEV E S
CVE-2024-0014 In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update ...
CVE-2024-0015 In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protecte...
S
CVE-2024-0016 In multiple locations, there is a possible out of bounds read due to a missing bounds check. This co...
S
CVE-2024-0017 In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a permis...
S
CVE-2024-0018 In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to...
S
CVE-2024-0019 In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy...
S
CVE-2024-0020 In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files...
S
CVE-2024-0021 In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in th...
S
CVE-2024-0022 In multiple functions of CompanionDeviceManagerService.java, there is a possible launch Notification...
S
CVE-2024-0023 In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an...
S
CVE-2024-0024 In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce us...
S
CVE-2024-0025 In sendIntentSender of ActivityManagerService.java, there is a possible background activity launch d...
S
CVE-2024-0026 In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to ...
S
CVE-2024-0027 In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to reso...
S
CVE-2024-0029 In multiple files, there is a possible way to capture the device screen when disallowed by device po...
S
CVE-2024-0030 In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incor...
S
CVE-2024-0031 In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write du...
S
CVE-2024-0032 In queryChildDocuments of FileSystemProvider.java, there is a possible way to request access to dire...
S
CVE-2024-0033 In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overf...
S
CVE-2024-0034 In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the ...
S
CVE-2024-0035 In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from th...
S
CVE-2024-0036 In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass t...
S
CVE-2024-0037 In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a diff...
S
CVE-2024-0038 In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary ...
S
CVE-2024-0039 In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing...
S
CVE-2024-0040 In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overfl...
S
CVE-2024-0041 In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition ...
S
CVE-2024-0042 In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used cryp...
CVE-2024-0043 In multiple locations, there is a possible notification listener grant to an app running in the work...
S
CVE-2024-0044 In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to ...
E S
CVE-2024-0045 In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input vali...
S
CVE-2024-0046 In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restrictio...
S
CVE-2024-0047 In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due ...
S
CVE-2024-0048 In Session of AccountManagerService.java, there is a possible method to retain foreground service pr...
S
CVE-2024-0049 In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This c...
S
CVE-2024-0050 In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a m...
S
CVE-2024-0051 In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer over...
S
CVE-2024-0052 In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a ...
S
CVE-2024-0053 In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's im...
S
CVE-2024-0054 Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi...
CVE-2024-0055 Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi ...
CVE-2024-0056 Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
S
CVE-2024-0057 NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
S
CVE-2024-0066 Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose ...
CVE-2024-0067 Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was v...
CVE-2024-0068 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Acces...
CVE-2024-0069 Rejected reason: This CVE ID was unused by the CNA....
R
CVE-2024-0070 Rejected reason: This CVE ID was unused by the CNA....
R
CVE-2024-0071 CVE
CVE-2024-0072 NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an a...
CVE-2024-0073 CVE
CVE-2024-0074 CVE
CVE-2024-0075 CVE
CVE-2024-0076 NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an a...
CVE-2024-0077 CVE
CVE-2024-0078 CVE
CVE-2024-0079 CVE
CVE-2024-0080 NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validatio...
CVE-2024-0081 NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may...
CVE-2024-0082 CVE
CVE-2024-0083 CVE
CVE-2024-0084 CVE
CVE-2024-0085 CVE
CVE-2024-0086 CVE
CVE-2024-0087 CVE
CVE-2024-0088 CVE
CVE-2024-0089 CVE
CVE-2024-0090 CVE
CVE-2024-0091 CVE
CVE-2024-0092 CVE
CVE-2024-0093 CVE
CVE-2024-0094 CVE
CVE-2024-0095 CVE
CVE-2024-0096 CVE
CVE-2024-0097 CVE
CVE-2024-0098 CVE
CVE-2024-0099 CVE
CVE-2024-0100 CVE
CVE-2024-0101 NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, wher...
CVE-2024-0102 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can ca...
CVE-2024-0103 CVE
CVE-2024-0104 NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA c...
CVE-2024-0105 NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling o...
CVE-2024-0106 NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability ...
CVE-2024-0107 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0108 NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping ...
CVE-2024-0109 NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash b...
CVE-2024-0110 NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of...
CVE-2024-0111 NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash o...
CVE-2024-0112 NVIDIA Jetson AGX Orin™ and NVIDIA IGX Orin software contain a vulnerability where an attacker can c...
CVE-2024-0113 NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where...
CVE-2024-0114 NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the HGX Management Controller (HMC) that may...
CVE-2024-0115 NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs w...
CVE-2024-0116 NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read...
CVE-2024-0117 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0118 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0119 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0120 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0121 NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unpr...
CVE-2024-0122 NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an att...
CVE-2024-0123 NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool...
CVE-2024-0124 NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool,...
CVE-2024-0125 NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool,...
CVE-2024-0126 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privile...
CVE-2024-0127 NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for all s...
CVE-2024-0128 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the g...
CVE-2024-0129 NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal...
CVE-2024-0130 NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker can ...
CVE-2024-0131 NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode ...
CVE-2024-0132 NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerabili...
CVE-2024-0133 NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation...
CVE-2024-0134 NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a spec...
CVE-2024-0135 NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted cont...
CVE-2024-0136 NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted cont...
CVE-2024-0137 NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted cont...
CVE-2024-0138 NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon componen...
CVE-2024-0139 NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file ...
CVE-2024-0140 NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization ...
CVE-2024-0141 NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious act...
CVE-2024-0142 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds writ...
CVE-2024-0143 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds writ...
CVE-2024-0144 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow iss...
CVE-2024-0145 NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer o...
CVE-2024-0146 NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest co...
CVE-2024-0147 NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory af...
CVE-2024-0148 NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the UEFI firmware RCM boot mode, wh...
CVE-2024-0149 NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthori...
CVE-2024-0150 NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past ...
CVE-2024-0151 Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security E...
CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations
S
CVE-2024-0154 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization...
CVE-2024-0155 Dell Digital Delivery, versions prior to 5.2.0.0, contain a Use After Free Vulnerability. A local lo...
CVE-2024-0156 Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local l...
CVE-2024-0157 Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM...
CVE-2024-0158 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user ...
CVE-2024-0159 Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerab...
CVE-2024-0160 Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical ac...
CVE-2024-0161 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer...
CVE-2024-0162 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer...
CVE-2024-0163 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition vulnerabilit...
CVE-2024-0164 Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its svc_topstat...
CVE-2024-0165 Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_acldb_...
CVE-2024-0166 Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_tcpdum...
CVE-2024-0167 Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svc_topsta...
CVE-2024-0168 Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck utilit...
CVE-2024-0169 Dell Unity, version(s) 5.3 and prior, contain(s) an Improper Neutralization of Input During Web Page...
CVE-2024-0170 Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_cava u...
CVE-2024-0171 Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged a...
CVE-2024-0172 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management sec...
CVE-2024-0173 Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization...
CVE-2024-0179 SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticate...
CVE-2024-0181 RRJ Nueva Ecija Engineer Online Portal Admin Panel admin_user.php cross site scripting
E
CVE-2024-0182 SourceCodester Engineers Online Portal Admin Login sql injection
CVE-2024-0183 RRJ Nueva Ecija Engineer Online Portal NIA Office students.php cross site scripting
E
CVE-2024-0184 RRJ Nueva Ecija Engineer Online Portal Add Enginer edit_teacher.php cross site scripting
E
CVE-2024-0185 RRJ Nueva Ecija Engineer Online Portal Avatar dasboard_teacher.php unrestricted upload
E
CVE-2024-0186 HuiRan Host Reseller System HTTP POST Request password recovery
E
CVE-2024-0187 Community by PeepSo < 6.3.1.2 - Reflected XSS
E
CVE-2024-0188 RRJ Nueva Ecija Engineer Online Portal change_password_teacher.php weak password
E
CVE-2024-0189 RRJ Nueva Ecija Engineer Online Portal Create Message teacher_message.php cross site scripting
E
CVE-2024-0190 RRJ Nueva Ecija Engineer Online Portal Quiz add_quiz.php cross site scripting
E
CVE-2024-0191 RRJ Nueva Ecija Engineer Online Portal file information disclosure
E
CVE-2024-0192 RRJ Nueva Ecija Engineer Online Portal Add Downloadable downloadable.php unrestricted upload
E
CVE-2024-0193 Kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation
S
CVE-2024-0194 CodeAstro Internet Banking System Profile Picture pages_account.php unrestricted upload
E
CVE-2024-0195 spider-flow FunctionController.java FunctionService.saveFunction code injection
E
CVE-2024-0196 Magic-Api code injection
E
CVE-2024-0197 Privilege Escalation in Thales SafeNet Sentinel HASP LDK
S
CVE-2024-0198 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2024-0199 Incorrect Authorization in GitLab
E S
CVE-2024-0200 Unsafe Reflection in Github Enterprise Server leading to Command Injection
CVE-2024-0201 The Product Expiry for WooCommerce plugin for WordPress is vulnerable to unauthorized modification o...
CVE-2024-0202 Cryptlib: rsa key exchange ciphersuites in tls vulnerable to marvin attack
CVE-2024-0203 The Digits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and i...
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
S
CVE-2024-0206 A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024...
CVE-2024-0207 Out-of-bounds Read in Wireshark
E S
CVE-2024-0208 Improper Handling of Missing Values in Wireshark
E S
CVE-2024-0209 NULL Pointer Dereference in Wireshark
E S
CVE-2024-0210 Uncontrolled Recursion in Wireshark
E S
CVE-2024-0211 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
E S
CVE-2024-0212 Cloudflare WordPress plugin enables information disclosure of Cloudflare API (for low privileged users)
CVE-2024-0213 A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user...
S
CVE-2024-0216 The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'g...
CVE-2024-0217 Packagekitd: use-after-free in idle function callback
S
CVE-2024-0218 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1
S
CVE-2024-0219 Privilege Elevation via Telerik JustDecompile Installer
CVE-2024-0220 B&R products use insufficient communication encryption
CVE-2024-0221 The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Dir...
S
CVE-2024-0222 Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had c...
CVE-2024-0223 Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to ...
CVE-2024-0224 Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to pot...
CVE-2024-0225 Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to poten...
CVE-2024-0226 Stored Cross-Site Scripting in Synopsys Seeker
CVE-2024-0227 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2024-0228 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i...
R
CVE-2024-0229 Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
M
CVE-2024-0230 A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard...
CVE-2024-0231 Improper Control of Resource Identifiers ('Resource Injection') in GitLab
E S
CVE-2024-0232 Sqlite: use-after-free bug in jsonparseaddnodearray
E
CVE-2024-0233 EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
E
CVE-2024-0235 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
E
CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
E
CVE-2024-0237 EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update
E
CVE-2024-0238 EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update
E
CVE-2024-0239 Contact Form 7 Connector < 1.2.3 - Reflected XSS
E
CVE-2024-0240 Silicon Labs EFR32 Bluetooth stack denial of service when sending notifications to multiple clients
CVE-2024-0241 encoded_id-rails Denial of Service Vulnerability
E S
CVE-2024-0242 Unauthorized access to settings in Qolsys IQ Panel 4 and IQ4 Hub
S
CVE-2024-0243 Server-side Request Forgery In Recursive URL Loader
E S
CVE-2024-0244 Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) ...
CVE-2024-0245 Task Hijacking in hamza417/inure
CVE-2024-0246 IceWarp Utility Download cross site scripting
CVE-2024-0247 CodeAstro Online Food Ordering System Admin Panel sql injection
E
CVE-2024-0248 EazyDocs < 2.4.0 - Subscriber+ Arbitrary Posts Deletion and Document Management
E
CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS
E
CVE-2024-0250 Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect
E
CVE-2024-0251 The Advanced Woo Search plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the...
CVE-2024-0252 Remote code execution
CVE-2024-0253 SQL Injection
CVE-2024-0254 The (Simply) Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
S
CVE-2024-0255 The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
S
CVE-2024-0256 The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Profile Displa...
S
CVE-2024-0257 RoboDK Heap-based Buffer Overflow
M
CVE-2024-0258 The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.4, iOS 17.4 an...
CVE-2024-0259 Privilege Escalation in Robot Schedule Enterprise Agent for Windows prior to version 3.04
S
CVE-2024-0260 SourceCodester Engineers Online Portal Password Change change_password_teacher.php session expiration
E
CVE-2024-0261 Sentex FTPDMIN RNFR Command denial of service
E
CVE-2024-0262 Online Job Portal Create News Page News.php cross site scripting
E
CVE-2024-0263 ACME Ultra Mini HTTPd HTTP GET Request denial of service
E
CVE-2024-0264 SourceCodester Clinic Queuing System LoginRegistration.php authorization
E
CVE-2024-0265 SourceCodester Clinic Queuing System GET Parameter index.php file inclusion
E
CVE-2024-0266 Project Worlds Online Lawyer Management System User Registration cross site scripting
E
CVE-2024-0267 Kashipara Hospital Management System Parameter login.php sql injection
E
CVE-2024-0268 Kashipara Hospital Management System registration.php sql injection
E
CVE-2024-0269 SQL Injection
CVE-2024-0270 Kashipara Food Management System item_list_submit.php sql injection
E
CVE-2024-0271 Kashipara Food Management System addmaterial_edit.php sql injection
E
CVE-2024-0272 Kashipara Food Management System addmaterialsubmit.php sql injection
E
CVE-2024-0273 Kashipara Food Management System addwaste_entry.php sql injection
E
CVE-2024-0274 Kashipara Food Management System billAjax.php sql injection
E
CVE-2024-0275 Kashipara Food Management System item_edit_submit.php sql injection
E
CVE-2024-0276 Kashipara Food Management System rawstock_used_damaged_smt.php sql injection
E
CVE-2024-0277 Kashipara Food Management System party_submit.php sql injection
E
CVE-2024-0278 Kashipara Food Management System partylist_edit_submit.php sql injection
E
CVE-2024-0279 Kashipara Food Management System item_list_edit.php sql injection
E
CVE-2024-0280 Kashipara Food Management System item_type_submit.php sql injection
E
CVE-2024-0281 Kashipara Food Management System loginCheck.php sql injection
E
CVE-2024-0282 Kashipara Food Management System addmaterialsubmit.php cross site scripting
E
CVE-2024-0283 Kashipara Food Management System party_details.php cross site scripting
E
CVE-2024-0284 Kashipara Food Management System party_submit.php cross site scripting
E
CVE-2024-0285 Dsoftbus has an improper input validation vulnerability
CVE-2024-0286 PHPGurukul Hospital Management System Contact Form index.php#contact_us cross site scripting
E
CVE-2024-0287 Kashipara Food Management System itemBillPdf.php sql injection
E
CVE-2024-0288 Kashipara Food Management System rawstock_used_damaged_submit.php sql injection
E
CVE-2024-0289 Kashipara Food Management System stock_entry_submit.php sql injection
E
CVE-2024-0290 Kashipara Food Management System stock_edit.php sql injection
E
CVE-2024-0291 Totolink LR1200GB cstecgi.cgi UploadFirmwareFile command injection
E
CVE-2024-0292 Totolink LR1200GB cstecgi.cgi setOpModeCfg os command injection
E
CVE-2024-0293 Totolink LR1200GB cstecgi.cgi setUploadSetting os command injection
E
CVE-2024-0294 Totolink LR1200GB cstecgi.cgi setUssd os command injection
E
CVE-2024-0295 Totolink LR1200GB cstecgi.cgi setWanCfg os command injection
E
CVE-2024-0296 Totolink N200RE cstecgi.cgi NTPSyncWithHost os command injection
E
CVE-2024-0297 Totolink N200RE cstecgi.cgi UploadFirmwareFile os command injection
E
CVE-2024-0298 Totolink N200RE cstecgi.cgi setDiagnosisCfg os command injection
E
CVE-2024-0299 Totolink N200RE cstecgi.cgi setTracerouteCfg os command injection
E
CVE-2024-0300 Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload
E
CVE-2024-0301 fhs-opensource iparking PayTempOrderAction.java getData sql injection
E
CVE-2024-0302 fhs-opensource iparking vueLogin deserialization
E
CVE-2024-0303 Youke365 Parameter caiji.php server-side request forgery
E
CVE-2024-0304 Youke365 collect.php server-side request forgery
E
CVE-2024-0305 Guangzhou Yingke Electronic Technology Ncast Guest Login IPSetup.php information disclosure
E
CVE-2024-0306 Kashipara Dynamic Lab Management System admin_login_process.php sql injection
E
CVE-2024-0307 Kashipara Dynamic Lab Management System login_process.php sql injection
E
CVE-2024-0308 Inis Proxy.php server-side request forgery
E
CVE-2024-0310 A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update 15 ...
CVE-2024-0311 A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release c...
CVE-2024-0312 A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password....
CVE-2024-0313 A malicious insider exploiting this vulnerability can circumvent existing security controls put in p...
CVE-2024-0314 XSS vulnerability in FireEye Central Management
S
CVE-2024-0315 Remote file inclusion vulnerability in FireEye Central Management
S
CVE-2024-0316 Improper cleanup vulnerability in FireEye Endpoint Security
S
CVE-2024-0317 Cross-Site Scripting in FireEye EX
S
CVE-2024-0318 Cross-Site Scripting in FireEye HXTool
S
CVE-2024-0319 Open Redirect vulnerability in FireEye HXTool
S
CVE-2024-0320 Cross-Site Scripting in FireEye Malware Analysis (AX)
S
CVE-2024-0321 Stack-based Buffer Overflow in gpac/gpac
E S
CVE-2024-0322 Out-of-bounds Read in gpac/gpac
E S
CVE-2024-0323 FTP uses unsecure encryption mechanisms
CVE-2024-0324 The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugi...
S
CVE-2024-0325 Command Injection in Helix Sync
CVE-2024-0326 The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2024-0333 Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attac...
CVE-2024-0334 The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the cust...
S
CVE-2024-0335 Malformed Packet Handling
CVE-2024-0336 Improper Access Control in EMTA Grups PDKS
CVE-2024-0337 Travelpayouts <= 1.1.15 - Open Redirect
E
CVE-2024-0338 Buffer Overflow Vulnerability in XAMPP
S
CVE-2024-0339 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2024-0340 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg()
S
CVE-2024-0341 Inis GET Request File.php path traversal
E
CVE-2024-0342 Inis Sqlite.php sql injection
E
CVE-2024-0343 CodeAstro Simple House Rental System Login Panel cross site scripting
E
CVE-2024-0344 soxft TimeMail check.php sql injection
E
CVE-2024-0345 CodeAstro Vehicle Booking System User Registration usr-register.php cross site scripting
E
CVE-2024-0346 CodeAstro Vehicle Booking System Feedback Page user-give-feedback.php cross site scripting
E
CVE-2024-0347 SourceCodester Engineers Online Portal signup_teacher.php weak password
E
CVE-2024-0348 SourceCodester Engineers Online Portal File Upload resource consumption
E
CVE-2024-0349 SourceCodester Engineers Online Portal missing secure attribute
E
CVE-2024-0350 SourceCodester Engineers Online Portal session expiration
E
CVE-2024-0351 SourceCodester Engineers Online Portal session fixiation
E
CVE-2024-0352 Likeshop HTTP POST Request File.php userFormImage unrestricted upload
E
CVE-2024-0353 Local privilege escalation in Windows products
CVE-2024-0354 unknown-o download-station index.php path traversal
E
CVE-2024-0355 PHPGurukul Dairy Farm Shop Management System add-category.php sql injection
E
CVE-2024-0356 Mandelo ssm_shiro_blog Backend updateRoles access control
E
CVE-2024-0357 coderd-repos Eva HTTP POST Request page sql injection
E
CVE-2024-0358 DeShang DSO2O install.php access control
E
CVE-2024-0359 code-projects Simple Online Hotel Reservation System login.php sql injection
E
CVE-2024-0360 PHPGurukul Hospital Management System edit-doctor-specialization.php sql injection
E
CVE-2024-0361 PHPGurukul Hospital Management System contact.php sql injection
E
CVE-2024-0362 PHPGurukul Hospital Management System change-password.php sql injection
E
CVE-2024-0363 PHPGurukul Hospital Management System patient-search.php sql injection
E
CVE-2024-0364 PHPGurukul Hospital Management System query-details.php sql injection
E
CVE-2024-0365 Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
E
CVE-2024-0366 The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object...
CVE-2024-0367 The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripti...
CVE-2024-0368 The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to ...
S
CVE-2024-0369 The Bulk Edit Post Titles plugin for WordPress is vulnerable to unauthorized modification of data du...
CVE-2024-0370 The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is...
S
CVE-2024-0371 The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is...
S
CVE-2024-0372 The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is...
S
CVE-2024-0373 The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is...
S
CVE-2024-0374 The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is...
S
CVE-2024-0376 The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2024-0377 The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorize...
S
CVE-2024-0378 The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable ...
S
CVE-2024-0379 The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cr...
S
CVE-2024-0380 The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to,...
S
CVE-2024-0381 The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of...
S
CVE-2024-0382 The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
S
CVE-2024-0383 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag'
S
CVE-2024-0384 The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Not...
CVE-2024-0385 The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a miss...
S
CVE-2024-0386 The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Referer' HTTP...
S
CVE-2024-0387 EDS-4000/G4000 Series IP Forwarding Vulnerability
S
CVE-2024-0389 SourceCodester Student Attendance System attendance_report.php sql injection
E
CVE-2024-0390 Hard-coded credentials in iZZi connect application
CVE-2024-0392 Cross-Site Request Forgery (CSRF) in WSO2 Enterprise Integrator 6.6.0 Management Console Due to Missing CSRF Token Validation
S
CVE-2024-0393 Rejected reason: This CVE ID was unused by the CNA....
R
CVE-2024-0394 Rapid7 Minerva Armor Privilege Escalation
CVE-2024-0395 Rejected reason: NON Security Issue....
R
CVE-2024-0396 Missing Server-Side Input Validation in HTTP Parameter
CVE-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
S
CVE-2024-0399 WooCommerce Customers Manager < 29.7 - Subscriber+ SQL Injection
E
CVE-2024-0400 SCM Software is a client and server application. An Authenticated System manager client can execute ...
CVE-2024-0401 ASUS OVPN RCE
S
CVE-2024-0402 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab
S
CVE-2024-0403 Recipes 1.5.10 - Blind SSRF
E
CVE-2024-0404 Mass Assignment Vulnerability in mintplex-labs/anything-llm
CVE-2024-0405 The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is vulnerable...
S
CVE-2024-0406 Mholt/archiver: path traversal vulnerability
CVE-2024-0407 Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Information Disclosure
CVE-2024-0408 Xorg-x11-server: selinux unlabeled glx pbuffer
M
CVE-2024-0409 Xorg-x11-server: selinux context corruption
M
CVE-2024-0410 Improper Enforcement of Behavioral Workflow in GitLab
E S
CVE-2024-0411 DeShang DSMall HTTP GET Request install.php access control
E
CVE-2024-0412 DeShang DSShop HTTP GET Request install.php access control
E
CVE-2024-0413 DeShang DSKMS install.php access control
E
CVE-2024-0414 DeShang DSCMS install.php access control
E
CVE-2024-0415 DeShang DSMall Image URL TaobaoExport.php access control
E
CVE-2024-0416 DeShang DSMall MemberAuth.php path traversal
E
CVE-2024-0417 DeShang DSShop MemberAuth.php path traversal
E
CVE-2024-0418 iSharer and upRedSun File Sharing Wizard GET Request denial of service
E
CVE-2024-0419 Jasper httpdx HTTP POST Request denial of service
E
CVE-2024-0420 MapPress Maps for WordPress < 2.88.15 - Contributor+ Stored XSS
E
CVE-2024-0421 MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure
E
CVE-2024-0422 CodeAstro POS and Inventory Management System New Item Creation Page new_item cross site scripting
E
CVE-2024-0423 CodeAstro Online Food Ordering System dishes.php cross site scripting
E
CVE-2024-0424 CodeAstro Simple Banking System Create a User Page createuser.php cross site scripting
E
CVE-2024-0425 ForU CMS password recovery
E
CVE-2024-0426 ForU CMS cms_template.php sql injection
E
CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS
E
CVE-2024-0428 The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to...
S
CVE-2024-0429 Buffer overflow vulnerability on Hex Workshop
CVE-2024-0430 IObit Malware Fighter v11.0.0.1274 - Denial of Service (DoS)
E
CVE-2024-0431 The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ...
CVE-2024-0432 The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ...
CVE-2024-0433 The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ...
CVE-2024-0434 WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly <= 1.7.1 - Missing Authorization via ttbm_new_place_save
CVE-2024-0435 User can submit message to self-XSS
S
CVE-2024-0436 Prevent timing attack for single-user password check
S
CVE-2024-0437 Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease <= 2.6.6 - Missing Authorization to Sensitive Information Exposure
CVE-2024-0438 The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE-2024-0439 User can manually send request at manager permission to modify system configurations
E S
CVE-2024-0440 SSRF - file:// unsanitized access to underlying host files
E S
CVE-2024-0442 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scr...
S
CVE-2024-0443 Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
M
CVE-2024-0444 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
S
CVE-2024-0445 The Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-0446 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
CVE-2024-0447 The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized ...
CVE-2024-0448 The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2024-0449 The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to Stored Cross-...
CVE-2024-0450 Quoted zip-bomb protection for zipfile
S
CVE-2024-0451 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_list_callback
S
CVE-2024-0452 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_upload_callback
S
CVE-2024-0453 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_delete_callback
S
CVE-2024-0454 Security Vulnerability on Match-on-Chip FPR Architecture
CVE-2024-0455 SSRF on AWS deployed instances of AnythingLLM via /metadata
E S
CVE-2024-0456 Direct Request ('Forced Browsing') in GitLab
S
CVE-2024-0459 Blood Bank & Donor Management request-received-bydonar.php sql injection
E
CVE-2024-0460 code-projects Faculty Management System student-print.php sql injection
E
CVE-2024-0461 code-projects Online Faculty Clearance HTTP POST Request deactivate.php sql injection
E
CVE-2024-0462 code-projects Online Faculty Clearance HTTP POST Request designee_view_status.php sql injection
E
CVE-2024-0463 code-projects Online Faculty Clearance HTTP POST Request admin_view_info.php sql injection
E
CVE-2024-0464 code-projects Online Faculty Clearance HTTP GET Request delete_faculty.php sql injection
E
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
E
CVE-2024-0466 code-projects Employee Profile Management System file_table.php sql injection
E
CVE-2024-0467 code-projects Employee Profile Management System edit_position_query.php cross site scripting
E
CVE-2024-0468 code-projects Fighting Cock Information System new-father.php unrestricted upload
E
CVE-2024-0469 code-projects Human Resource Integrated System update_personal_info.php sql injection
E S
CVE-2024-0470 code-projects Human Resource Integrated System inc_service_credits.php sql injection
E
CVE-2024-0471 code-projects Human Resource Integrated System dec_service_credits.php sql injection
E
CVE-2024-0472 code-projects Dormitory Management System modifyuser.php information disclosure
E
CVE-2024-0473 code-projects Dormitory Management System comment.php sql injection
E
CVE-2024-0474 code-projects Dormitory Management System login.php sql injection
E
CVE-2024-0475 code-projects Dormitory Management System modifyuser.php sql injection
E
CVE-2024-0476 Blood Bank & Donor Management request-received-bydonar.php cross site scripting
E
CVE-2024-0477 code-projects Fighting Cock Information System update-deworm.php sql injection
E
CVE-2024-0478 code-projects Fighting Cock Information System edit_chicken.php sql injection
E
CVE-2024-0479 Taokeyun HTTP POST Request User.php login sql injection
E
CVE-2024-0480 Taokeyun HTTP POST Request Drs.php index sql injection
E
CVE-2024-0481 Taokeyun HTTP POST Request Goods.php shopGoods sql injection
E
CVE-2024-0482 Taokeyun HTTP POST Request Video.php index sql injection
E
CVE-2024-0483 Taokeyun HTTP POST Request Task.php index sql injection
E
CVE-2024-0484 code-projects Fighting Cock Information System update_mother.php sql injection
E
CVE-2024-0485 code-projects Fighting Cock Information System add_con.php sql injection
E
CVE-2024-0486 code-projects Fighting Cock Information System add_con.php sql injection
E
CVE-2024-0487 code-projects Fighting Cock Information System delete-vaccine.php sql injection
E
CVE-2024-0488 code-projects Fighting Cock Information System new-feed.php sql injection
E
CVE-2024-0489 code-projects Fighting Cock Information System edit_chicken.php sql injection
E
CVE-2024-0490 Huaxia ERP getAllList information disclosure
E
CVE-2024-0491 Huaxia ERP UserController.java password recovery
CVE-2024-0492 Kashipara Billing Software HTTP POST Request buyer_detail_submit.php sql injection
E
CVE-2024-0493 Kashipara Billing Software HTTP POST Request submit_delivery_list.php sql injection
E
CVE-2024-0494 Kashipara Billing Software HTTP POST Request material_bill.php sql injection
E
CVE-2024-0495 Kashipara Billing Software HTTP POST Request party_submit.php sql injection
E
CVE-2024-0496 Kashipara Billing Software HTTP POST Request item_list_edit.php sql injection
E
CVE-2024-0497 Campcodes Student Information System sql injection
E
CVE-2024-0498 Project Worlds Lawyer Management System searchLawyer.php sql injection
E
CVE-2024-0499 SourceCodester House Rental Management System index.php cross site scripting
E
CVE-2024-0500 SourceCodester House Rental Management System Manage Tenant Details cross site scripting
E
CVE-2024-0501 SourceCodester House Rental Management System Manage Invoice Details cross site scripting
E
CVE-2024-0502 SourceCodester House Rental Management System Edit User manage_user.php sql injection
E
CVE-2024-0503 code-projects Online FIR System registercomplaint.php cross site scripting
E
CVE-2024-0504 code-projects Simple Online Hotel Reservation System Make a Reservation Page add_reserve.php cross site scripting
E
CVE-2024-0505 ZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted upload
E
CVE-2024-0506 The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to ...
S
CVE-2024-0507 Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server
CVE-2024-0508 The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
S
CVE-2024-0509 The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site ...
S
CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
E
CVE-2024-0511 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Fo...
S
CVE-2024-0512 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Fo...
CVE-2024-0513 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Fo...
CVE-2024-0514 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Fo...
CVE-2024-0515 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Fo...
CVE-2024-0516 The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to unauthorized post met...
CVE-2024-0517 Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to pote...
CVE-2024-0518 Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potential...
CVE-2024-0519 Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker...
KEV
CVE-2024-0520 Remote Code Execution due to Full Controlled File Write in mlflow/mlflow
E S
CVE-2024-0521 Code Injection in paddlepaddle/paddle
E S
CVE-2024-0522 Allegro RomPager HTTP POST Request cross-site request forgery
CVE-2024-0523 CmsEasy language_admin.php getslide_child_action sql injection
E
CVE-2024-0524 CXBSoft Url-shorting index.php sql injection
E
CVE-2024-0525 CXBSoft Url-shorting HTTP POST Request long_s_short.php sql injection
E
CVE-2024-0526 CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injection
E
CVE-2024-0527 CXBSoft Url-shorting HTTP POST Request update_go.php sql injection
E
CVE-2024-0528 CXBSoft Post-Office HTTP POST Request update_go.php sql injection
E
CVE-2024-0529 CXBSoft Post-Office HTTP POST Request login_auth.php sql injection
E
CVE-2024-0530 CXBSoft Post-Office HTTP POST Request reg_go.php sql injection
E
CVE-2024-0531 Tenda A15 Web-based Management Interface setBlackRule stack-based overflow
E
CVE-2024-0532 Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow
E
CVE-2024-0533 Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow
E
CVE-2024-0534 Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow
E
CVE-2024-0535 Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflow
E
CVE-2024-0536 Tenda W9 httpd setWrlAccessList stack-based overflow
E
CVE-2024-0537 Tenda W9 httpd setWrlBasicInfo stack-based overflow
E
CVE-2024-0538 Tenda W9 httpd formQosManage_auto stack-based overflow
E
CVE-2024-0539 Tenda W9 httpd formQosManage_user stack-based overflow
E
CVE-2024-0540 Tenda W9 httpd formOfflineSet stack-based overflow
E
CVE-2024-0541 Tenda W9 httpd formAddSysLogRule stack-based overflow
E
CVE-2024-0542 Tenda W9 httpd formWifiMacFilterGet stack-based overflow
E
CVE-2024-0543 CodeAstro Real Estate Management System propertydetail.php sql injection
E
CVE-2024-0545 CodeCanyon RISE Ultimate Project Manager signin redirect
CVE-2024-0546 EasyFTP LIST Command denial of service
E
CVE-2024-0547 Ability FTP Server APPE Command denial of service
E
CVE-2024-0548 FreeFloat FTP Server SIZE Command denial of service
E
CVE-2024-0549 Relative Path Traversal in mintplex-labs/anything-llm
CVE-2024-0550 Privileged User using traversal to read system files
E S
CVE-2024-0551 Download and export of file via default user role
E S
CVE-2024-0552 Intumit inc. SmartRobot - Remote Code Execution
S
CVE-2024-0553 Gnutls: incomplete fix for cve-2023-5981
E M
CVE-2024-0554 Cross-site scripting (XSS) vulnerability on WIC1200
CVE-2024-0555 Cross-Site Request Forgery (CSRF) vulnerability on WIC1200
CVE-2024-0556 Weak Cryptography for Passwords vulnerability on WIC1200
CVE-2024-0557 DedeBIZ Website Copyright Setting cross site scripting
E
CVE-2024-0558 DedeBIZ makehtml_freelist_action.php sql injection
E
CVE-2024-0559 Enhanced Text Widget < 1.6.6 - Admin+ Stored XSS
E
CVE-2024-0560 Apicast: use_3scale_oidc_issuer_endpoint of token introspection policy isn't compatible with rh-sso 7.5 or later versions
S
CVE-2024-0561 Ultimate Posts Widget < 2.3.1 - Admin+ Stored XSS
E
CVE-2024-0562 Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
S
CVE-2024-0563 Denial of service condition in M-Files Server
S
CVE-2024-0564 Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication
E M
CVE-2024-0565 Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client
S
CVE-2024-0566 Smart Manager < 8.28.0 - Admin+ SQL Injection
E
CVE-2024-0567 Gnutls: rejects certificate chain with distributed trust
E S
CVE-2024-0568 CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of de...
CVE-2024-0569 Totolink T8 Setting cstecgi.cgi getSysStatusCfg information disclosure
E
CVE-2024-0570 Totolink N350RT Setting cstecgi.cgi access control
CVE-2024-0571 Totolink LR1200GB cstecgi.cgi setSmsCfg stack-based overflow
E
CVE-2024-0572 Totolink LR1200GB cstecgi.cgi setOpModeCfg stack-based overflow
E
CVE-2024-0573 Totolink LR1200GB cstecgi.cgi setDiagnosisCfg stack-based overflow
E
CVE-2024-0574 Totolink LR1200GB cstecgi.cgi setParentalRules stack-based overflow
E
CVE-2024-0575 Totolink LR1200GB cstecgi.cgi setTracerouteCfg stack-based overflow
E
CVE-2024-0576 Totolink LR1200GB cstecgi.cgi setIpPortFilterRules stack-based overflow
E
CVE-2024-0577 Totolink LR1200GB cstecgi.cgi setLanguageCfg stack-based overflow
E
CVE-2024-0578 Totolink LR1200GB cstecgi.cgi UploadCustomModule stack-based overflow
E
CVE-2024-0579 Totolink X2000R formMapDelDevice command injection
E
CVE-2024-0580 Omission of key-controlled authorization in Qsige
S
CVE-2024-0581 Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg
S
CVE-2024-0582 Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap
S
CVE-2024-0584 Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932...
R
CVE-2024-0585 The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders ...
S
CVE-2024-0586 The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders ...
S
CVE-2024-0587 The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site...
S
CVE-2024-0588 The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for W...
S
CVE-2024-0589 Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Man...
CVE-2024-0590 The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio...
S
CVE-2024-0591 The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress i...
S
CVE-2024-0592 The Related Posts for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in ...
S
CVE-2024-0593 The Simple Job Board plugin for WordPress is vulnerable to unauthorized access of data| due to insuf...
S
CVE-2024-0594 The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unio...
S
CVE-2024-0595 The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unau...
S
CVE-2024-0596 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html()
S
CVE-2024-0597 The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
S
CVE-2024-0598 The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to...
E S
CVE-2024-0599 Jspxcms Document Management Page InfoController.java cross site scripting
E
CVE-2024-0601 ZhongFuCheng3y Austin Email Message Template AustinFileUtils.java getRemoteUrl2File server-side request forgery
E
CVE-2024-0602 The YARPP – Yet Another Related Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site...
E S
CVE-2024-0603 ZhiCms giftcontroller.php deserialization
E
CVE-2024-0604 The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Si...
E
CVE-2024-0605 Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scrip...
CVE-2024-0606 An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() ...
CVE-2024-0607 Kernel: nf_tables: pointer math issue in nft_byteorder_eval()
S
CVE-2024-0608 The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plu...
CVE-2024-0609 The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plu...
CVE-2024-0610 The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind ...
S
CVE-2024-0611 The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site ...
E
CVE-2024-0612 The Content Views – Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) plugin for WordPre...
S
CVE-2024-0613 The Delete Custom Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in all ver...
CVE-2024-0614 The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin setti...
E S
CVE-2024-0615 The Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional ...
CVE-2024-0616 The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive In...
S
CVE-2024-0617 The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of...
S
CVE-2024-0618 The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms plugin f...
E S
CVE-2024-0619 Payflex Payment Gateway <= 2.5.0 - Missing Authorization to Order Status Update
CVE-2024-0620 The PPWP – Password Protect Pages plugin for WordPress is vulnerable to Sensitive Information Exposu...
S
CVE-2024-0621 The Simple Share Buttons Adder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
S
CVE-2024-0622 Local privilege escalation vulnerability could affect OpenText Operations Agent on Non-Windows platforms.
S
CVE-2024-0623 The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio...
S
CVE-2024-0624 The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for W...
S
CVE-2024-0625 The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t...
S
CVE-2024-0626 The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modificati...
CVE-2024-0627 Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name
S
CVE-2024-0628 The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versi...
S
CVE-2024-0629 The 2Checkout Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized mod...
CVE-2024-0630 The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the RSS ...
S
CVE-2024-0631 The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data d...
CVE-2024-0632 Automatic Translator with Google Translate <= 1.5.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via Custom Font
CVE-2024-0637 Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability
CVE-2024-0638 Privilege escalation in mk_oracle plugins
CVE-2024-0639 Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos
S
CVE-2024-0640 Stored XSS in chatwoot/chatwoot
CVE-2024-0641 Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke
S
CVE-2024-0642 Inadequate access control in C21 Live Encoder and Live Mosaic
S
CVE-2024-0643 Unrestricted upload of dangerous file types in C21 Live Encoder and Live Mosaic
S
CVE-2024-0644 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2024-0645 Buffer Overflow Vulnerability in Explorer++
CVE-2024-0646 Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
S
CVE-2024-0647 Sparksuite SimpleMDE iFrame cross site scripting
E
CVE-2024-0648 Yunyou CMS Common.php unrestricted upload
E
CVE-2024-0649 ZhiHuiYun Search ImageController.php download_network_image server-side request forgery
E
CVE-2024-0650 Project Worlds Visitor Management System URL dataset.php cross site scripting
E
CVE-2024-0651 PHPGurukul Company Visitor Management System search-visitor.php sql injection
E
CVE-2024-0652 PHPGurukul Company Visitor Management System search-visitor.php cross site scripting
E
CVE-2024-0653 Custom Field Template <= 2.6.1 - Authenticated (Admin+) Stored Cross-Site Scritping
S
CVE-2024-0654 DeepFaceLab Util.py deserialization
E
CVE-2024-0655 Novel-Plus list sql injection
E
CVE-2024-0656 The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin...
S
CVE-2024-0657 The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Stored...
S
CVE-2024-0658 The Insert PHP Code Snippet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th...
S
CVE-2024-0659 The Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for Wo...
S
CVE-2024-0660 The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder pl...
S
CVE-2024-0662 The FancyBox for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adm...
S
CVE-2024-0663 Rejected reason: REJECT: This is a false positive report....
R
CVE-2024-0664 The Meks Smart Social Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t...
S
CVE-2024-0665 The WP Customer Area plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 't...
S
CVE-2024-0667 The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is v...
S
CVE-2024-0668 The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all vers...
S
CVE-2024-0669 Cross-Frame Scripting (XFS) on Plone CMS
S
CVE-2024-0670 Privilege escalation in windows agent
CVE-2024-0671 Mali GPU Kernel Driver allows improper GPU memory processing operations
S
CVE-2024-0672 Pz-LinkCard <= 2.5.1 - Reflected XSS
E
CVE-2024-0673 Pz-LinkCard <= 2.5.1 - Admin+ Stored XSS
E
CVE-2024-0674 Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines
S
CVE-2024-0675 Improper checking for unusual or exceptional conditions vulnerability in Lamassu Bitcoin ATM Douro machines
S
CVE-2024-0676 Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines
S
CVE-2024-0677 Pz-LinkCard <= 2.5.1 - Contributor+ SSRF
E
CVE-2024-0678 The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Sc...
CVE-2024-0679 The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability ch...
S
CVE-2024-0680 The WP Private Content Plus plugin for WordPress is vulnerable to information disclosure in all vers...
CVE-2024-0681 The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to in...
S
CVE-2024-0682 The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to...
CVE-2024-0683 The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to m...
S
CVE-2024-0684 Coreutils: heap overflow in split --line-bytes with very long lines
S
CVE-2024-0685 The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is ...
S
CVE-2024-0686 Rejected reason: Incorrect assignment...
R
CVE-2024-0687 The Restrict User Access – Ultimate Membership & Content Protection plugin for WordPress is vulnerab...
S
CVE-2024-0688 The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to Stored Cross-Site Scripting v...
S
CVE-2024-0689 The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta ...
S
CVE-2024-0690 Ansible-core: possible information leak in tasks that ignore ansible_no_log configuration
S
CVE-2024-0691 The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder t...
S
CVE-2024-0692 SolarWinds Security Event Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability
S
CVE-2024-0693 EFS Easy File Sharing FTP denial of service
E
CVE-2024-0694 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: T...
R
CVE-2024-0695 EFS Easy Chat Server HTTP GET Request denial of service
E
CVE-2024-0696 AtroCore AtroPIM Product Series Overview cross site scripting
E
CVE-2024-0697 The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Tr...
S
CVE-2024-0698 The Easy!Appointments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plug...
CVE-2024-0699 The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable ...
S
CVE-2024-0700 The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tweet thi...
CVE-2024-0701 The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and...
S
CVE-2024-0702 The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to unauthorize...
CVE-2024-0703 The Sticky Buttons – floating buttons builder plugin for WordPress is vulnerable to Stored Cross-Sit...
S
CVE-2024-0704 Rejected reason: very low impact - impractical to correct...
R
CVE-2024-0705 The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via th...
S
CVE-2024-0706 Rejected reason: ***REJECT*** This was a false positive report....
R
CVE-2024-0707 Rejected reason: **REJECT** Not a valid vulnerability....
R
CVE-2024-0708 The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vu...
S
CVE-2024-0709 The Cryptocurrency Widgets – Price Ticker & Coins List plugin for WordPress is vulnerable to SQL Inj...
S
CVE-2024-0710 The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to,...
CVE-2024-0711 Buttons Shortcode and Widget <= 1.16 - Stored XSS via shortcode
E
CVE-2024-0712 Byzoro Smart S150 Management Platform userattea.php access control
E
CVE-2024-0713 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-28871. Reason: ...
R
CVE-2024-0714 MiczFlor RPi-Jukebox-RFID HTTP Request userScripts.php os command injection
CVE-2024-0715 EL Injection Vulnerability in Hitachi Global Link Manager
CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure
E
CVE-2024-0717 D-Link Good Line Router v2 HTTP GET Request devinfo information disclosure
E
CVE-2024-0718 liuwy-dlsdys zhglxt HTTP POST Request edit cross site scripting
E
CVE-2024-0719 Tabs Shortcode and Widget <= 1.17 - Contributor+ Stored Cross-Site Scripting
E
CVE-2024-0720 FactoMineR FactoInvestigate HTML Report Generator cross site scripting
E
CVE-2024-0721 Jspxcms Survey Label cross site scripting
E
CVE-2024-0722 code-projects Social Networking Site Message Page message.php cross site scripting
E
CVE-2024-0723 freeSSHd denial of service
E
CVE-2024-0725 ProSSHD denial of service
E
CVE-2024-0726 Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scripting
E
CVE-2024-0727 PKCS12 Decoding crashes
S
CVE-2024-0728 ForU CMS channel.php file inclusion
E
CVE-2024-0729 ForU CMS cms_admin.php sql injection
E
CVE-2024-0730 Project Worlds Online Time Table Generator course_ajax.php sql injection
E
CVE-2024-0731 PCMan FTP Server PUT Command denial of service
E
CVE-2024-0732 PCMan FTP Server STOR Command denial of service
E
CVE-2024-0733 Smsot HTTP POST Request api.php sql injection
E
CVE-2024-0734 Smsot get.php sql injection
E
CVE-2024-0735 SourceCodester Online Tours & Travels Management System expense.php exec sql injection
E
CVE-2024-0736 EFS Easy File Sharing FTP Login denial of service
E
CVE-2024-0737 Xlightftpd Xlight FTP Server Login denial of service
E
CVE-2024-0738 个人开源 mldong DecisionModel.java ExpressionEngine code injection
E
CVE-2024-0739 Hecheng Leadshop leadshop.php deserialization
E
CVE-2024-0740 Eclipse Target Management <= 4.5.500 Command Injection
E S
CVE-2024-0741 An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potent...
CVE-2024-0742 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally...
CVE-2024-0743 An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. T...
CVE-2024-0744 In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could ha...
CVE-2024-0745 The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led...
CVE-2024-0746 A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerabi...
CVE-2024-0747 When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Pol...
CVE-2024-0748 A compromised content process could have updated the document URI. This could have allowed an attack...
CVE-2024-0749 A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect ...
CVE-2024-0750 A bug in popup notifications delay calculation could have made it possible for an attacker to trick ...
CVE-2024-0751 A malicious devtools extension could have been used to escalate privileges. This vulnerability affec...
CVE-2024-0752 A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very...
CVE-2024-0753 In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerabil...
CVE-2024-0754 Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects...
CVE-2024-0755 Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these b...
CVE-2024-0756 Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection
E
CVE-2024-0757 Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCE
E
CVE-2024-0758 MolecularFaces XSS
CVE-2024-0759 Collection of internally resolving IPs
E S
CVE-2024-0760 A flood of DNS messages over TCP may make the server unstable
S
CVE-2024-0761 The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all version...
S
CVE-2024-0762 Potential buffer overflow when handling UEFI variables
CVE-2024-0763 Improper validation of document removal parameter
E S
CVE-2024-0765 Default user role exporting save state of instance
E S
CVE-2024-0766 The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unaut...
CVE-2024-0767 The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross...
CVE-2024-0768 The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to Cross...
CVE-2024-0769 D-Link DIR-859 HTTP POST Request hedwig.cgi path traversal
E
CVE-2024-0770 European Chemicals Agency IUCLID Desktop Installer iuclid6.exe default permission
E
CVE-2024-0771 Nsasoft Product Key Explorer Registration memory corruption
E
CVE-2024-0772 Nsasoft ShareAlarmPro Registration memory corruption
E
CVE-2024-0773 CodeAstro Internet Banking System pages_client_signup.php cross site scripting
E
CVE-2024-0774 Any-Capture Any Sound Recorder Registration memory corruption
E
CVE-2024-0775 Kernel: use-after-free while changing the mount option in __ext4_remount leading
S
CVE-2024-0776 LinZhaoguan pb-cms Comment cross site scripting
E
CVE-2024-0778 Uniview ISC 2500-S VM.php setNatConfig os command injection
E
CVE-2024-0779 Enjoy Social Feed <= 6.2.2 - Unauthenticated Arbitrary Instagram Account Unlinking
E
CVE-2024-0780 Enjoy Social Feed <= 6.2.2 - Subscriber+ Plugin Database Reset
E
CVE-2024-0781 CodeAstro Internet Banking System pages_client_signup.php redirect
E
CVE-2024-0782 CodeAstro Online Railway Reservation System pass-profile.php cross site scripting
E
CVE-2024-0783 Project Worlds Online Admission System documents.php unrestricted upload
E
CVE-2024-0784 hongmaple octopus list sql injection
E
CVE-2024-0786 The Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce ...
S
CVE-2024-0787 Improper Restriction of Excessive Authentication Attempts in phpipam/phpipam
E S
CVE-2024-0788 SUPERAntiSpyware Pro X v10.0.1260 - Kernel-level API parameters manipulation
CVE-2024-0789 WP Maintenance <= 6.1.9.2 - IP Spoofing to Maintenance Mode Bypass
CVE-2024-0790 The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable t...
S
CVE-2024-0791 The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable t...
S
CVE-2024-0792 The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Si...
S
CVE-2024-0793 Kube-controller-manager: malformed hpa v1 manifest causes crash
M
CVE-2024-0794 Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow, Potential Remote Code Execution
CVE-2024-0795 Create user API role not enforced
E S
CVE-2024-0796 The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugi...
S
CVE-2024-0797 The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugi...
S
CVE-2024-0798 Privilege Escalation in mintplex-labs/anything-llm
E S
CVE-2024-0799 Authentication Bypass via wizardLogin in Arcserve Unified Data Protection
CVE-2024-0800 Authentication Bypass via wizardLogin in Arcserve Unified Data Protection
CVE-2024-0801 Unauthenticated DoS in Arcserve Unified Data Protection
CVE-2024-0802 Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSE...
CVE-2024-0803 Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and ...
CVE-2024-0804 Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a...
CVE-2024-0805 Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote a...
CVE-2024-0806 Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pot...
CVE-2024-0807 Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pot...
CVE-2024-0808 Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pote...
CVE-2024-0809 Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote at...
CVE-2024-0810 Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attac...
CVE-2024-0811 Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an at...
CVE-2024-0812 Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remo...
CVE-2024-0813 Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convi...
CVE-2024-0814 Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker ...
CVE-2024-0815 Command injection in paddle.utils.download._wget_download (bypass filter) in paddlepaddle/paddle 2.6...
E
CVE-2024-0816 The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an a...
CVE-2024-0817 Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0...
E
CVE-2024-0818 Arbitrary File Overwrite Via Path Traversal in paddlepaddle/paddle before 2.6...
E
CVE-2024-0819 Incomplete protection of personal password settings
CVE-2024-0820 Jobs for WordPress < 2.7.4 - Contributor+ Stored XSS
E
CVE-2024-0821 The Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce plugin for WordPress is vuln...
S
CVE-2024-0822 Ovirt: authentication bypass
E
CVE-2024-0823 The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
S
CVE-2024-0824 The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
S
CVE-2024-0825 The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress is vulnerable to PHP Obje...
CVE-2024-0826 The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via th...
S
CVE-2024-0827 The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vuln...
CVE-2024-0828 The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vuln...
CVE-2024-0829 The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Missing Autho...
S
CVE-2024-0830 The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Cross-Site Re...
S
CVE-2024-0831 Vault May Expose Sensitive Information When Configuring An Audit Log Device
E
CVE-2024-0832 Privilege Elevation via Telerik Reporting Installer
CVE-2024-0833 Privilege Elevation via Telerik Test Studio
CVE-2024-0834 The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t...
S
CVE-2024-0835 The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update...
S
CVE-2024-0836 The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerab...
S
CVE-2024-0837 The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Para...
S
CVE-2024-0838 The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE-2024-0839 The FeedWordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all vers...
CVE-2024-0840 Grandstream UCM Series IP PBX HTTP Parameter Injection
S
CVE-2024-0841 Kernel: hugetlbfs: null pointer dereference in hugetlbfs_fill_super function
M
CVE-2024-0842 The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Se...
S
CVE-2024-0844 The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Loca...
S
CVE-2024-0845 PDF Viewer for Elementor <= 2.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via render
CVE-2024-0847 The 5280 Bootstrap Modal Contact Form plugin for WordPress is vulnerable to Cross-Site Request Forge...
CVE-2024-0848 The AA Cash Calculator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
CVE-2024-0849 Leanote 2.7.0 - Local File Read
CVE-2024-0851 SQLi in Grup Arge Energy and Control Systems's Smartpower
CVE-2024-0852 coreActivity < 1.8.1 - Unauthenticated Stored XSS
E
CVE-2024-0853 OCSP verification bypass with TLS session reuse
E
CVE-2024-0854 URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synolo...
CVE-2024-0855 Spiffy Calendar < 4.9.9 - Broken Access Control
E
CVE-2024-0856 Booking Calendar < 1.3.83 - CSRF appointment scheduling
E
CVE-2024-0857 SQLi in Universal Software's FlexWater Corporate Water Management
CVE-2024-0858 Innovs HR <= 1.0.3.4 - Employee Creation via CSRF
E
CVE-2024-0859 The Affiliates Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versi...
S
CVE-2024-0860 Cleartext Transmission of Sensitive Information in Softing edgeConnector and edgeAggregator
S
CVE-2024-0861 Direct Request ('Forced Browsing') in GitLab
E S
CVE-2024-0862 The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Reques...
CVE-2024-0864 RCE in Laragon
CVE-2024-0865 CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalat...
CVE-2024-0866 The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all ve...
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection
CVE-2024-0868 coreActivity < 2.1 - Unauthenticated IP Spoofing
E
CVE-2024-0869 The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for...
S
CVE-2024-0870 YITH WooCommerce Gift Cards <= 4.12.0 - Missing Authorization to Unauthenticated WooCommerce Settings Update
CVE-2024-0871 The Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Icon Wi...
S
CVE-2024-0872 The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions u...
S
CVE-2024-0873 The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wa...
CVE-2024-0874 Coredns: cd bit response is cached and served later
CVE-2024-0875 Stored XSS in openemr/openemr
E S
CVE-2024-0879 Authentication bypass in vector-admin domain restriction
S
CVE-2024-0880 Qidianbang qdbcrm Password Reset cross-site request forgery
E
CVE-2024-0881 Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
E
CVE-2024-0882 qwdigital LinkWechat Universal Download Interface resource path traversal
E
CVE-2024-0883 SourceCodester Online Tours & Travels Management System pay.php prepare sql injection
E
CVE-2024-0884 SourceCodester Online Tours & Travels Management System payment.php exec sql injection
E
CVE-2024-0885 SpyCamLizard HTTP GET Request denial of service
E
CVE-2024-0886 Poikosoft EZ CD Audio Converter Activation denial of service
E
CVE-2024-0887 Mafiatic Blue Server Connection denial of service
E
CVE-2024-0888 BORGChat Service Port 7551 denial of service
E
CVE-2024-0889 Kmint21 Golden FTP Server PASV Command denial of service
E
CVE-2024-0890 hongmaple octopus edit sql injection
E
CVE-2024-0891 hongmaple octopus cross site scripting
E
CVE-2024-0892 Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery
CVE-2024-0893 Schema App Structured Data <= 1.23.1 - Missing Authorization
CVE-2024-0895 The PDF Flipbook, 3D Flipbook – DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scr...
S
CVE-2024-0896 The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site ...
S
CVE-2024-0897 The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site ...
S
CVE-2024-0898 The Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me bac...
CVE-2024-0899 The s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & M...
CVE-2024-0900 The Elespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Cli...
CVE-2024-0901 SEGV and out of bounds memory read from malicious packet
S
CVE-2024-0902 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting via Product Title
E
CVE-2024-0903 The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for ...
S
CVE-2024-0904 Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting
E
CVE-2024-0905 Fancy Product Designer < 6.1.8 - Reflected Cross Site Scripting
E
CVE-2024-0906 The f(x) Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all ve...
CVE-2024-0907 The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerab...
S
CVE-2024-0908 The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is...
CVE-2024-0909 The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all...
S
CVE-2024-0910 Restrict for Elementor <= 1.0.6 - Protection Mechanism Bypass
CVE-2024-0911 Indent: heap-based buffer overflow in set_buf_break()
M
CVE-2024-0912 CCURE passwords exposed to administrators
S
CVE-2024-0913 The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plu...
CVE-2024-0914 Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin)
S
CVE-2024-0916 Unauthenticated Remote Code Execution in UvDesk Community
S
CVE-2024-0917 remote code execution in paddlepaddle/paddle 2.6.0...
E
CVE-2024-0918 TRENDnet TEW-800MB POST Request os command injection
E
CVE-2024-0919 TRENDnet TEW-815DAP POST Request do_setNTP command injection
E
CVE-2024-0920 TRENDnet TEW-822DRE POST Request admin_ping.htm command injection
E
CVE-2024-0921 D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection
E
CVE-2024-0922 Tenda AC10U formQuickIndex stack-based overflow
E
CVE-2024-0923 Tenda AC10U formSetDeviceName stack-based overflow
E
CVE-2024-0924 Tenda AC10U formSetPPTPServer stack-based overflow
E
CVE-2024-0925 Tenda AC10U formSetVirtualSer stack-based overflow
E
CVE-2024-0926 Tenda AC10U formWifiWpsOOB stack-based overflow
E
CVE-2024-0927 Tenda AC10U fromAddressNat stack-based overflow
E
CVE-2024-0928 Tenda AC10U fromDhcpListClient stack-based overflow
E
CVE-2024-0929 Tenda AC10U fromNatStaticSetting stack-based overflow
E
CVE-2024-0930 Tenda AC10U fromSetWirelessRepeat stack-based overflow
E
CVE-2024-0931 Tenda AC10U saveParentControlInfo stack-based overflow
E
CVE-2024-0932 Tenda AC10U setSmartPowerManagement stack-based overflow
E
CVE-2024-0933 Niushop B2B2C Upload.php unrestricted upload
E
CVE-2024-0935 Insertion of Sensitive Information into Log File vulnerabilities affecting DELMIA Apriso Release 2019 through Release 2024
CVE-2024-0936 van_der_Schaar LAB TemporAI PKL File load_from_file deserialization
E
CVE-2024-0937 van_der_Schaar LAB synthcity PKL File load_from_file deserialization
E
CVE-2024-0938 Tongda OA 2017 delete_webmail.php sql injection
E
CVE-2024-0939 Byzoro Smart S210 Management Platform uploadfile.php unrestricted upload
E
CVE-2024-0941 Novel-Plus list sql injection
E
CVE-2024-0942 Totolink N200RE V5 cstecgi.cgi session expiration
E
CVE-2024-0943 Totolink N350RT cstecgi.cgi session expiration
E
CVE-2024-0944 Totolink T8 cstecgi.cgi session expiration
E
CVE-2024-0945 60IndexPage Parameter file.php server-side request forgery
E
CVE-2024-0946 60IndexPage Parameter index.php server-side request forgery
E
CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb
CVE-2024-0948 NetBox Home Page Configuration config-revisions cross site scripting
E
CVE-2024-0949 Improper Access Control in Talya Informatics' Elektraweb
CVE-2024-0951 Advanced Social Feeds Widget & Shortcode <= 1.7 - Admin+ Stored XSS
E
CVE-2024-0952 The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plu...
S
CVE-2024-0953 When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being ...
E
CVE-2024-0954 The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders ...
S
CVE-2024-0955 Stored XSS vulnerability
S
CVE-2024-0956 The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plu...
CVE-2024-0957 The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress...
S
CVE-2024-0958 CodeAstro Stock Management System Add Category index.php cross site scripting
E
CVE-2024-0959 StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserialization
E
CVE-2024-0960 flink-extended ai-flow workflow_command.py cloudpickle.loads deserialization
E
CVE-2024-0961 The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
S
CVE-2024-0962 obgm libcoap Configuration File coap_oscore.c get_split_entry stack-based overflow
E S
CVE-2024-0963 The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
S
CVE-2024-0964 LFI in Gradio
E S
CVE-2024-0965 The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Expos...
S
CVE-2024-0966 The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
S
CVE-2024-0967 OpenText / Micro Focus ArcSight Enterprise Security Manager Remote Vulnerability
CVE-2024-0968 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the vu...
R
CVE-2024-0969 The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up...
S
CVE-2024-0970 User Activity Tracking and Log < 4.1.4 - IP Spoofing
E
CVE-2024-0971 A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker could p...
S
CVE-2024-0972 BuddyPress Members Only <= 3.3.5 - Improper Access Control to Sensitive Information Exposure via REST API
CVE-2024-0973 Widget for Social Page Feeds < 6.4 - Admin+ Stored XSS
E
CVE-2024-0974 Social Media Widget < 4.0.9 - Admin+ Stored XSS
E
CVE-2024-0975 The WordPress Access Control plugin for WordPress is vulnerable to Sensitive Information Exposure in...
S
CVE-2024-0976 The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for Word...
S
CVE-2024-0977 The Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline) plugin for Wo...
S
CVE-2024-0978 The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all vers...
S
CVE-2024-0979 Dashboard Widgets Suite <= 3.4.3 - Reflected Cross-Site Scripting
S
CVE-2024-0980 The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination ...
CVE-2024-0981 Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cro...
S
CVE-2024-0983 The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modifica...
CVE-2024-0984 The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to unauthorized modifica...
CVE-2024-0985 PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL
M
CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection
E
CVE-2024-0987 Sichuan Yougou Technology KuERP log neutralization for logs
E
CVE-2024-0988 Sichuan Yougou Technology KuERP common.php checklogin improper authentication
E
CVE-2024-0989 Sichuan Yougou Technology KuERP Service.php del_sn_db path traversal
E
CVE-2024-0990 Tenda i6 httpd setAutoPing formSetAutoPing stack-based overflow
E
CVE-2024-0991 Tenda i6 httpd setcfm formSetCfm stack-based overflow
E
CVE-2024-0992 Tenda i6 httpd wifiSSIDset formwrlSSIDset stack-based overflow
E
CVE-2024-0993 Tenda i6 httpd WifiMacFilterGet formWifiMacFilterGet stack-based overflow
E
CVE-2024-0994 Tenda W6 httpd setcfm formSetCfm stack-based overflow
E
CVE-2024-0995 Tenda W6 httpd wifiSSIDset formwrlSSIDset stack-based overflow
E
CVE-2024-0996 Tenda i9 httpd setcfm formSetCfm stack-based overflow
E
CVE-2024-0997 Totolink N200RE cstecgi.cgi setOpModeCfg stack-based overflow
E
CVE-2024-0998 Totolink N200RE cstecgi.cgi setDiagnosisCfg stack-based overflow
E
CVE-2024-0999 Totolink N200RE cstecgi.cgi setParentalRules stack-based overflow
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.