| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2024-30000 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30001 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30002 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30003 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30004 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30005 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30006 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | | |
| CVE-2024-30007 | Microsoft Brokering File System Elevation of Privilege Vulnerability | | |
| CVE-2024-30008 | Windows DWM Core Library Information Disclosure Vulnerability | | |
| CVE-2024-30009 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30010 | Windows Hyper-V Remote Code Execution Vulnerability | | |
| CVE-2024-30011 | Windows Hyper-V Denial of Service Vulnerability | | |
| CVE-2024-30012 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | | |
| CVE-2024-30013 | Windows MultiPoint Services Remote Code Execution Vulnerability | S | |
| CVE-2024-30014 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30015 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30016 | Windows Cryptographic Services Information Disclosure Vulnerability | | |
| CVE-2024-30017 | Windows Hyper-V Remote Code Execution Vulnerability | | |
| CVE-2024-30018 | Windows Kernel Elevation of Privilege Vulnerability | | |
| CVE-2024-30019 | DHCP Server Service Denial of Service Vulnerability | | |
| CVE-2024-30020 | Windows Cryptographic Services Remote Code Execution Vulnerability | | |
| CVE-2024-30021 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | | |
| CVE-2024-30022 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30023 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30025 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | | |
| CVE-2024-30027 | NTFS Elevation of Privilege Vulnerability | | |
| CVE-2024-30028 | Win32k Elevation of Privilege Vulnerability | | |
| CVE-2024-30029 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | | |
| CVE-2024-30030 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2024-30031 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | | |
| CVE-2024-30032 | Windows DWM Core Library Elevation of Privilege Vulnerability | | |
| CVE-2024-30033 | Windows Search Service Elevation of Privilege Vulnerability | | |
| CVE-2024-30034 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | | |
| CVE-2024-30035 | Windows DWM Core Library Elevation of Privilege Vulnerability | | |
| CVE-2024-30036 | Windows Deployment Services Information Disclosure Vulnerability | | |
| CVE-2024-30037 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | | |
| CVE-2024-30038 | Win32k Elevation of Privilege Vulnerability | | |
| CVE-2024-30039 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | | |
| CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability | KEV S | |
| CVE-2024-30041 | Microsoft Bing Search Spoofing Vulnerability | | |
| CVE-2024-30042 | Microsoft Excel Remote Code Execution Vulnerability | | |
| CVE-2024-30043 | Microsoft SharePoint Server Information Disclosure Vulnerability | | |
| CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability | | |
| CVE-2024-30045 | .NET and Visual Studio Remote Code Execution Vulnerability | | |
| CVE-2024-30046 | Visual Studio Denial of Service Vulnerability | | |
| CVE-2024-30047 | Dynamics 365 Customer Insights Spoofing Vulnerability | | |
| CVE-2024-30048 | Dynamics 365 Customer Insights Spoofing Vulnerability | | |
| CVE-2024-30049 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | | |
| CVE-2024-30050 | Windows Mark of the Web Security Feature Bypass Vulnerability | | |
| CVE-2024-30051 | Windows DWM Core Library Elevation of Privilege Vulnerability | KEV S | |
| CVE-2024-30052 | Visual Studio Remote Code Execution Vulnerability | S | |
| CVE-2024-30053 | Azure Migrate Cross-Site Scripting Vulnerability | | |
| CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | | |
| CVE-2024-30055 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | | |
| CVE-2024-30056 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | | |
| CVE-2024-30057 | Microsoft Edge for iOS Spoofing Vulnerability | S | |
| CVE-2024-30058 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | | |
| CVE-2024-30059 | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | | |
| CVE-2024-30060 | Azure Monitor Agent Elevation of Privilege Vulnerability | | |
| CVE-2024-30061 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | S | |
| CVE-2024-30062 | Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability | S | |
| CVE-2024-30063 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | S | |
| CVE-2024-30064 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2024-30065 | Windows Themes Denial of Service Vulnerability | S | |
| CVE-2024-30066 | Winlogon Elevation of Privilege Vulnerability | S | |
| CVE-2024-30067 | Winlogon Elevation of Privilege Vulnerability | S | |
| CVE-2024-30068 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2024-30069 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | S | |
| CVE-2024-30070 | DHCP Server Service Denial of Service Vulnerability | S | |
| CVE-2024-30071 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | S | |
| CVE-2024-30072 | Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability | S | |
| CVE-2024-30073 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | S | |
| CVE-2024-30074 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | S | |
| CVE-2024-30075 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability | S | |
| CVE-2024-30076 | Windows Container Manager Service Elevation of Privilege Vulnerability | S | |
| CVE-2024-30077 | Windows OLE Remote Code Execution Vulnerability | S | |
| CVE-2024-30078 | Windows Wi-Fi Driver Remote Code Execution Vulnerability | S | |
| CVE-2024-30079 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | S | |
| CVE-2024-30080 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | S | |
| CVE-2024-30081 | Windows NTLM Spoofing Vulnerability | S | |
| CVE-2024-30082 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2024-30083 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | S | |
| CVE-2024-30084 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | S | |
| CVE-2024-30085 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2024-30086 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | S | |
| CVE-2024-30087 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2024-30088 | Windows Kernel Elevation of Privilege Vulnerability | KEV S | |
| CVE-2024-30089 | Microsoft Streaming Service Elevation of Privilege Vulnerability | S | |
| CVE-2024-30090 | Microsoft Streaming Service Elevation of Privilege Vulnerability | S | |
| CVE-2024-30091 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2024-30092 | Windows Hyper-V Remote Code Execution Vulnerability | | |
| CVE-2024-30093 | Windows Storage Elevation of Privilege Vulnerability | S | |
| CVE-2024-30094 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | S | |
| CVE-2024-30095 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | S | |
| CVE-2024-30096 | Windows Cryptographic Services Information Disclosure Vulnerability | S | |
| CVE-2024-30097 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | S | |
| CVE-2024-30098 | Windows Cryptographic Services Security Feature Bypass Vulnerability | S | |
| CVE-2024-30099 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2024-30100 | Microsoft SharePoint Server Remote Code Execution Vulnerability | S | |
| CVE-2024-30101 | Microsoft Office Remote Code Execution Vulnerability | S | |
| CVE-2024-30102 | Microsoft Office Remote Code Execution Vulnerability | S | |
| CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | S | |
| CVE-2024-30104 | Microsoft Office Remote Code Execution Vulnerability | S | |
| CVE-2024-30105 | .NET and Visual Studio Denial of Service Vulnerability | S | |
| CVE-2024-30106 | HCL Connections is vulnerable to an information disclosure vulnerability | | |
| CVE-2024-30107 | HCL Connections is vulnerable to broken access control | | |
| CVE-2024-30109 | Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10 | | |
| CVE-2024-30110 | Lack of input validation vulnerability affects DRYiCE AEX v10 | | |
| CVE-2024-30111 | Missing Root Detection vulnerability affects DRYiCE AEX v10 | | |
| CVE-2024-30112 | HCL Connections is vulnerable to a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30113 | HCL Leap is affected by a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30114 | HCL Leap is affected by a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30115 | HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30117 | HCL BigFix Platform is affected by a DLL Hijack vulnerability | | |
| CVE-2024-30118 | HCL Connections is susceptible to a sensitive information disclosure vulnerability | | |
| CVE-2024-30119 | HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header | | |
| CVE-2024-30120 | HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application | | |
| CVE-2024-30122 | HCL Sametime is impacted by misconfigured security related HTTP headers | | |
| CVE-2024-30124 | HCL Sametime is impacted by insecure services | | |
| CVE-2024-30125 | HCL BigFix Compliance is affected by an internal server error | | |
| CVE-2024-30126 | HCL BigFix Compliance is affected by a missing X-Frame-Options Header vulnerability | | |
| CVE-2024-30127 | HCL Leap is affected by missing "no cache" headers | | |
| CVE-2024-30128 | An open proxy vulnerability affects HCL Nomad server on Domino | | |
| CVE-2024-30129 | HCL Nomad server on Domino is affected by a host header injection vulnerability | | |
| CVE-2024-30130 | HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability | | |
| CVE-2024-30132 | Missing default HTTP security headers affect HCL Nomad server on Domino | | |
| CVE-2024-30133 | HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability | | |
| CVE-2024-30134 | HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability | | |
| CVE-2024-30135 | Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10 | | |
| CVE-2024-30140 | HCL BigFix Compliance is affected by unvalidated redirects and forwards | | |
| CVE-2024-30141 | HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information | | |
| CVE-2024-30142 | HCL BigFix Compliance is affected by a missing secure flag on a cookie | | |
| CVE-2024-30143 | A path traversal vulnerability in HCL AppScan Traffic Recorder | | |
| CVE-2024-30145 | HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30146 | HCL Domino Leap is affected by improper access control | | |
| CVE-2024-30147 | HCL Leap is affected by a cross-site scripting (XSS) vulnerability | | |
| CVE-2024-30148 | HCL Leap is affected by improper access control | | |
| CVE-2024-30149 | HCL AppScan Source is affected by an expired TLS/SSL certificate | | |
| CVE-2024-30150 | An unauthenticated privilege escalation vulnerability affects HCL MyCloud | | |
| CVE-2024-30152 | HCL SX is affected by usage of a weak cryptographic algorithm | | |
| CVE-2024-30154 | HCL SX is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability | | |
| CVE-2024-30155 | HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability | | |
| CVE-2024-30156 | Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 ... | | |
| CVE-2024-30157 | A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 cou... | | |
| CVE-2024-30158 | A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an... | | |
| CVE-2024-30159 | A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an... | | |
| CVE-2024-30160 | A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 cou... | | |
| CVE-2024-30161 | In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in... | | |
| CVE-2024-30162 | Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/adm... | | |
| CVE-2024-30163 | Invision Community before 4.7.16 allow SQL injection via the applications/nexus/modules/front/store/... | E | |
| CVE-2024-30164 | Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute ar... | | |
| CVE-2024-30165 | Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that could potentially allow a loc... | | |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or... | | |
| CVE-2024-30170 | PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in ... | E | |
| CVE-2024-30171 | An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based le... | | |
| CVE-2024-30172 | An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification... | | |
| CVE-2024-30176 | In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly expo... | | |
| CVE-2024-30177 | WordPress Exclusive Addons for Elementor plugin <= 2.6.8 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30178 | WordPress Simply Static plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30179 | WordPress Bold Page Builder plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30180 | WordPress Easy Social Feed plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30181 | WordPress Locatoraid Store Locator plugin <= 3.9.30 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30182 | WordPress HT Mega – Absolute Addons For Elementor plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30183 | WordPress WPBakery Page Builder Addons by Livemesh plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30184 | WordPress Popup Builder plugin <= 4.2.6 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30185 | WordPress Element Pack Elementor Addons plugin <= 5.5.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30186 | WordPress Prime Slider plugin <= 3.13.1 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30187 | Anope before 2.0.15 does not prevent resetting the password of a suspended account.... | E S | |
| CVE-2024-30188 | Apache DolphinScheduler: Resource File Read And Write Vulnerability | | |
| CVE-2024-30189 | A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions), SCA... | | |
| CVE-2024-30190 | A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M... | | |
| CVE-2024-30191 | A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748-1 M... | | |
| CVE-2024-30192 | WordPress Pinterest Plugin <= 1.8.2 - Cross Site Scripting (XSS) | S | |
| CVE-2024-30193 | WordPress Church Admin plugin <= 4.1.17 - Stored Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30194 | WordPress Sunshine Photo Cart plugin <= 3.1.1 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30195 | WordPress New RoyalSlider plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30196 | WordPress Easy Social Share Buttons plugin <= 9.4 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30197 | WordPress Church Admin plugin <= 4.0.26 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30198 | WordPress Buddyforms plugin <= 2.8.5 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30199 | WordPress WP-Lister Lite for Amazon plugin <= 2.6.8 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30200 | WordPress BEAR plugin <= 1.1.4.2 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30201 | WordPress WP Smart Import plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30202 | In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects ... | S | |
| CVE-2024-30203 | In Emacs before 29.3, Gnus treats inline MIME contents as trusted.... | S | |
| CVE-2024-30204 | In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.... | S | |
| CVE-2024-30205 | In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mo... | S | |
| CVE-2024-30206 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions <... | | |
| CVE-2024-30207 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions <... | | |
| CVE-2024-30208 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions <... | | |
| CVE-2024-30209 | A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions <... | | |
| CVE-2024-30210 | IOSIX IO-1020 Micro ELD Use of Default Credentials | S | |
| CVE-2024-30211 | Improper access control in some Intel(R) ME driver pack installer engines before version 2422.6.2.0 ... | | |
| CVE-2024-30212 | Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command | S | |
| CVE-2024-30213 | StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to ach... | | |
| CVE-2024-30214 | Cross-Site Scripting (XSS) vulnerability in SAP Business Connector | | |
| CVE-2024-30215 | Cross-Site Scripting (XSS) vulnerability in SAP Business Connector | | |
| CVE-2024-30216 | Missing Authorization check in SAP S/4 HANA (Cash Management) | | |
| CVE-2024-30217 | Missing Authorization check in SAP S/4 HANA (Cash Management) | | |
| CVE-2024-30218 | Denial of service (DOS) vulnerability in SAP NetWeaver AS ABAP and ABAP Platform | | |
| CVE-2024-30219 | Active debug code vulnerability exists in PLANEX COMMUNICATIONS wireless LAN routers. If a logged-in... | | |
| CVE-2024-30220 | Command injection vulnerability in PLANEX COMMUNICATIONS wireless LAN routers allows a network-adjac... | | |
| CVE-2024-30221 | WordPress Sunshine Photo Cart plugin <= 3.1.1 - PHP Object Injection vulnerability | S | |
| CVE-2024-30222 | WordPress ARMember plugin <= 4.0.26 - PHP Object Injection vulnerability | S | |
| CVE-2024-30223 | WordPress ARMember plugin <= 4.0.26 - Unauthenticated PHP Object Injection vulnerability | S | |
| CVE-2024-30224 | WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated PHP Object Injection vulnerability | S | |
| CVE-2024-30225 | WordPress WP Migrate plugin <= 2.6.10 - Unauthenticated PHP Object Injection vulnerability | S | |
| CVE-2024-30226 | WordPress BetterDocs plugin <= 3.3.3 - Unauthenticated PHP Object Injection vulnerability | S | |
| CVE-2024-30227 | WordPress Geo Controller plugin <= 8.6.4 - PHP Object Injection vulnerability | S | |
| CVE-2024-30228 | WordPress Hercules Core plugin <= 6.4 - Auth. PHP Object Injection vulnerability | S | |
| CVE-2024-30229 | WordPress Give plugin <= 3.4.2 - PHP Object Injection vulnerability | S | |
| CVE-2024-30230 | WordPress PDF Invoices and Packing Slips For WooCommerce plugin <= 1.3.7 - PHP Object Injection vulnerability | S | |
| CVE-2024-30231 | WordPress Product Import Export for WooCommerce plugin <= 2.4.1 - Arbitrary File Upload vulnerability | S | |
| CVE-2024-30232 | WordPress Exclusive Addons for Elementor plugin <= 2.6.9 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30233 | WordPress WholesaleX plugin <= 1.3.1 - Sensitive Data Exposure on User Export vulnerability | S | |
| CVE-2024-30234 | WordPress WholesaleX plugin <= 1.3.1 - Broken Access Control vulnerability | S | |
| CVE-2024-30235 | WordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Broken Access Control vulnerability | S | |
| CVE-2024-30236 | WordPress Contest Gallery plugin <= 21.3.4 - SQL Injection vulnerability | S | |
| CVE-2024-30237 | WordPress Slider by Supsystic plugin <= 1.8.10 - SQL Injection vulnerability | S | |
| CVE-2024-30238 | WordPress Photos and Files Contest Gallery plugin <= 21.3.2 - SQL Injection vulnerability | S | |
| CVE-2024-30239 | WordPress Zoho Campaigns plugin <= 2.0.6 - SQL Injection vulnerability | S | |
| CVE-2024-30240 | WordPress Calendarista plugin <= 15.5.7 - SQL Injection vulnerability | S | |
| CVE-2024-30241 | WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerability | S | |
| CVE-2024-30242 | WordPress Contact Form to Any API plugin <= 1.1.8 - Auth. SQL Injection vulnerability | S | |
| CVE-2024-30243 | WordPress Tooltips plugin < 9.4.5 - Auth. SQL Injection vulnerability | S | |
| CVE-2024-30244 | WordPress Church Admin plugin <= 4.0.27 - SQL Injection via shortcode vulnerability | S | |
| CVE-2024-30245 | WordPress DecaLog plugin <= 3.9.0 - SQL Injection vulnerability | S | |
| CVE-2024-30246 | Tuleap deleting or moving an artifact can delete values from unrelated artifacts | S | |
| CVE-2024-30247 | Command Injection as root in NextCloudPi web panel | | |
| CVE-2024-30248 | Piccolo Admin's raw SVG loading may lead to complete data compromise from admin page | | |
| CVE-2024-30249 | Cloudburst Network DoS in RakNet connection handling | | |
| CVE-2024-30250 | In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists | | |
| CVE-2024-30251 | Denial of service when trying to parse malformed POST requests in aiohttp | | |
| CVE-2024-30252 | GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015` | | |
| CVE-2024-30253 | Handling untrusted input can result in a crash, leading to loss of availability / denial of service | | |
| CVE-2024-30254 | Directory traversal allowing overwriting arbitrary files | | |
| CVE-2024-30255 | HTTP/2: CPU exhaustion due to CONTINUATION frame flood | | |
| CVE-2024-30256 | Open WebUI vulnerable to server-side request forgery in utils.py | | |
| CVE-2024-30257 | 1Panel's password verification is suspected to have a timing attack vulnerability | | |
| CVE-2024-30258 | FastDDS crash when publisher send malformed packet | E S | |
| CVE-2024-30259 | FastDDS heap buffer overflow when publisher sends malformed packet | E | |
| CVE-2024-30260 | Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline | S | |
| CVE-2024-30261 | Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect | E S | |
| CVE-2024-30262 | Contao's remember-me tokens will not be cleared after a password change | S | |
| CVE-2024-30263 | The PDF Viewer macro can be used to view PDF attachments with restricted access | | |
| CVE-2024-30264 | typebot.io: `GHSL-2024-040` | | |
| CVE-2024-30265 | Voilà Local file inclusion | | |
| CVE-2024-30266 | Wasmtime vulnerable to panic when using a dropped extenref-typed element segment | | |
| CVE-2024-30268 | Cacti XSS vulnerability in display_settings | | |
| CVE-2024-30269 | DataEase has database configuration information exposure vulnerability | | |
| CVE-2024-30270 | mailcow Path Traversal and Arbitrary Code Execution Vulnerability | | |
| CVE-2024-30271 | Adobe Illustrator 2023 CC 27.7 Memory Corruption Out-Of-Bounds-Write Vulnerability III. | | |
| CVE-2024-30272 | Adobe Illustrator 2024 GIF file parsing Out-Of-Bound Write remote code execution vulnerabiity | | |
| CVE-2024-30273 | Adobe Illustrator 2024 PS file Parsing Stack based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2024-30274 | Adobe Substance 3D Painter ABC File Parsing An Out-Of-Bounds Write Vulnerability | | |
| CVE-2024-30275 | Adobe Aero Beta has an arbitrary code execution vulnerability when parsing svg files | | |
| CVE-2024-30276 | Adobe Audition 2024 M2V File Parsing Memory corruption | | |
| CVE-2024-30278 | Adobe Media Encoder 2024 TGA File parsing memory corruption | | |
| CVE-2024-30279 | ZDI-CAN-22887: Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30280 | ZDI-CAN-22867: Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30281 | Substance3D - Designer | Out-of-bounds Read (CWE-125) | | |
| CVE-2024-30282 | Adobe Animate 2024 Out of Bound Write Remote Code Execution Vulnerability | | |
| CVE-2024-30283 | Adobe FrameMaker ICO File Parsing Heap Memory Corruption | | |
| CVE-2024-30284 | ZDI-CAN-23466: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30285 | Adobe Audition 2024 MP4 File Parsing Null Pointer Dereference | | |
| CVE-2024-30286 | Adobe FrameMaker DOC File Parsing Memory Corruption | | |
| CVE-2024-30287 | Adobe FrameMaker PDF File Pparsing Out of Bound Read | | |
| CVE-2024-30288 | Adobe FrameMaker 3DS File Parsing Heap Memory Corruption | | |
| CVE-2024-30289 | Adobe FrameMaker XLS File Parsing Buffer Overflow | | |
| CVE-2024-30290 | Adobe FrameMaker WEBP File Parsing Out Of Bound Write | | |
| CVE-2024-30291 | Adobe FrameMaker TIF File parsing Out Of Bound Write | | |
| CVE-2024-30292 | Adobe FrameMaker GIF File parsing Out Of Bound Write | | |
| CVE-2024-30293 | Adobe Animate 2024 AI File parsing Stack base buffer overflow Remote Code execution Vulnerability | | |
| CVE-2024-30294 | Adobe Animate OGG File Parsing Heap Memory Corruption remote code execution Vulnerability | | |
| CVE-2024-30295 | When Animate parses FLA files, there is a UAF vulnerability caused by referencing uninitialized memory at Animate.exe+0x1149dcf | | |
| CVE-2024-30296 | When Animate parses FLA files, there is an out-of-bounds write vulnerability at animate+0x123df28 | | |
| CVE-2024-30297 | When Adobe Animate parses FLA files, there is a heap out-of-bounds write vulnerability at Animate.exe+0x125D391 | | |
| CVE-2024-30298 | Adobe Animate SWF File Parsing Memory corruption | | |
| CVE-2024-30299 | Tenable Vulnerability Disclosure | API Auth Bypass | | |
| CVE-2024-30300 | Tenable Vulnerability Disclosure | Sensitive Information Disclosure Via Fake FMPS Worker | | |
| CVE-2024-30301 | ZDI-CAN-23042: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30302 | ZDI-CAN-23077: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2024-30303 | ZDI-CAN-23044: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30304 | ZDI-CAN-23040: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30305 | ZDI-CAN-23043: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30306 | ZDI-CAN-23106: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30307 | Adobe Substance 3D Painter BMP File Parsing Out Of Bounds Write Vulnerability | | |
| CVE-2024-30308 | Adobe Substance 3D Painter PSD File Parsing Acces Violation Read Vulnerability | | |
| CVE-2024-30309 | Adobe Substance 3D Painter TGA File Parsing Acces Violation Read Vulnerability | | |
| CVE-2024-30310 | ZDI-CAN-23327: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30311 | TALOS-2024-1946 - Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability | | |
| CVE-2024-30312 | TALOS-2024-1952 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability | | |
| CVE-2024-30314 | Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) | | |
| CVE-2024-30321 | A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Wi... | | |
| CVE-2024-30322 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30323 | Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30324 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30325 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30326 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30327 | Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30328 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30329 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2024-30330 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30331 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30332 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30333 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30334 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30335 | Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30336 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30337 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30338 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30339 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30340 | Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30341 | Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30342 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30343 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30344 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30345 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30346 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30347 | Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30348 | Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30349 | Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30350 | Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30351 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30352 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30353 | Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30354 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30355 | Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30356 | Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30357 | Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability | | |
| CVE-2024-30358 | Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30359 | Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2024-30360 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30361 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30362 | Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30363 | Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30364 | Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2024-30365 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30366 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30367 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30368 | A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability | | |
| CVE-2024-30369 | A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability | | |
| CVE-2024-30370 | RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability | | |
| CVE-2024-30371 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30372 | Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability | | |
| CVE-2024-30373 | Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30374 | Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2024-30375 | Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2024-30376 | Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability | | |
| CVE-2024-30377 | G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability | | |
| CVE-2024-30378 | Junos OS: MX Series: bbe-smgd process crash upon execution of specific CLI commands | S | |
| CVE-2024-30380 | Junos OS and Junos OS Evolved: l2cpd crash upon receipt of a specific TLV | S | |
| CVE-2024-30381 | Paragon Active Assurance: probe_serviced exposes internal objects to local users | S | |
| CVE-2024-30382 | Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured | S | |
| CVE-2024-30384 | Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur | S | |
| CVE-2024-30386 | Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash | S | |
| CVE-2024-30387 | Junos OS: ACX5448 & ACX710: Due to interface flaps the PFE process can crash | S | |
| CVE-2024-30388 | Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps | S | |
| CVE-2024-30389 | Junos OS: EX4300 Series: Firewall filter not blocking egress traffic | S | |
| CVE-2024-30390 | Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enforced | S | |
| CVE-2024-30391 | Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed | S | |
| CVE-2024-30392 | Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs | S | |
| CVE-2024-30394 | Junos OS and Junos OS Evolved: A specific EVPN type-5 route causes rpd crash | S | |
| CVE-2024-30395 | Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | S | |
| CVE-2024-30397 | Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process | S | |
| CVE-2024-30398 | Junos OS: SRX4600 Series - A high amount of specific traffic causes packet drops and an eventual PFE crash | S | |
| CVE-2024-30401 | Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman | S | |
| CVE-2024-30402 | Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription | S | |
| CVE-2024-30403 | Junos OS Evolved: When MAC learning happens, and an interface gets flapped, the PFE crashes | S | |
| CVE-2024-30405 | Junos OS: SRX 5000 Series with SPC2: Processing of specific crafted packets when ALG is enabled causes a transit traffic Denial of Service | S | |
| CVE-2024-30406 | Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials | S | |
| CVE-2024-30407 | [Child CVE] JCNR and cRPD: Hard-coded SSH host keys in cRPD may allow Person-in-the-Middle (PitM) attacks | S | |
| CVE-2024-30409 | Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS). | S | |
| CVE-2024-30410 | Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term. | S | |
| CVE-2024-30413 | Vulnerability of improper permission control in the window management module. Impact: Successful exp... | | |
| CVE-2024-30414 | Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of thi... | | |
| CVE-2024-30415 | Vulnerability of improper permission control in the window management module. Impact: Successful exp... | | |
| CVE-2024-30416 | Use After Free (UAF) vulnerability in the underlying driver module. Impact: Successful exploitation ... | | |
| CVE-2024-30417 | Path traversal vulnerability in the Bluetooth-based sharing module. Impact: Successful exploitation ... | | |
| CVE-2024-30418 | Vulnerability of insufficient permission verification in the app management module. Impact: Successf... | | |
| CVE-2024-30419 | Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.1... | | |
| CVE-2024-30420 | Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prio... | | |
| CVE-2024-30421 | WordPress Events Manager plugin <= 6.4.7.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30422 | WordPress Elementor Addon Elements plugin <= 1.13.1 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30423 | WordPress Better Elementor Addons plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30424 | WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30425 | WordPress Beaver Builder – WordPress Page Builder plugin <= 2.7.4.4 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30426 | WordPress Hash Elements plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30427 | WordPress Spiffy Calendar plugin <= 4.9.7 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30428 | WordPress Contest Gallery plugin <= 21.3.5 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30429 | WordPress wp-forecast plugin <= 9.2 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30430 | WordPress FluentCRM plugin <= 2.8.44 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30431 | WordPress Mang Board WP plugin <= 1.8.0 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30432 | WordPress B Slider plugin <= 1.1.12 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30433 | WordPress MultiVendorX Marketplace plugin <= 4.1.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30434 | WordPress WP-CRM System plugin <= 3.2.9 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30435 | WordPress The Plus Blocks for Block Editor | Gutenberg plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30436 | WordPress Collect.chat plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30437 | WordPress Webinar and Video Conference with Jitsi Meet plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30438 | WordPress Print Page block plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30439 | WordPress Limit Attempts by BestWebSoft plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30440 | WordPress Themify Event Post plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30441 | WordPress Combo Blocks plugin <= 2.2.74 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30442 | WordPress Bold Page Builder plugin <= 4.8.0 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30443 | WordPress GS Testimonial Slider plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30444 | WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.9 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30445 | WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30446 | WordPress CRM Perks Forms plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30447 | WordPress Creative Image Slider plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30448 | WordPress Slider by Supsystic plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30449 | WordPress Booking Activities plugin <= 1.15.19 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30450 | WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30451 | WordPress Geo Controller plugin <= 8.6.4 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30452 | WordPress Landing Page Builder plugin <= 1.5.1.7 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30453 | WordPress Brave plugin <= 0.6.5 - Server Side Request Forgery (SSRF) vulnerability | S | |
| CVE-2024-30454 | WordPress WP SMS plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30455 | WordPress GamiPress plugin <= 6.8.5 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30456 | WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30457 | WordPress MDTF plugin <= 1.3.3.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30458 | WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.1.7 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30459 | WordPress AI WP Writer plugin <= 3.6.5 - Broken Access Control vulnerability | S | |
| CVE-2024-30460 | WordPress Tumult Hype Animations plugin <= 1.9.11 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30462 | WordPress HUSKY plugin <= 1.3.5.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30463 | WordPress BEAR plugin <= 1.1.4.3 - Broken Access Control vulnerability | S | |
| CVE-2024-30464 | WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability | S | |
| CVE-2024-30465 | WordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerability | S | |
| CVE-2024-30466 | WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability | S | |
| CVE-2024-30467 | WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability | S | |
| CVE-2024-30468 | WordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30469 | WordPress Wholesale For WooCommerce plugin <= 2.3.0 - Unauthenticated Sensitive Data Exposure vulnerability | S | |
| CVE-2024-30470 | WordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerability | S | |
| CVE-2024-30471 | Apache StreamPipes: Potential creation of multiple identical accounts | | |
| CVE-2024-30472 | Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulner... | | |
| CVE-2024-30473 | Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A... | | |
| CVE-2024-30477 | WordPress Klarna Payments for WooCommerce plugin <= 3.2.4 - Broken Access Control vulnerability | S | |
| CVE-2024-30478 | WordPress Announcement & Notification Banner – Bulletin plugin <= 3.8.5 - SQL Injection vulnerability | S | |
| CVE-2024-30479 | WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability | | |
| CVE-2024-30480 | WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability | | |
| CVE-2024-30481 | WordPress JCH Optimize plugin <= 4.0.0 - Broken Access Control vulnerability | S | |
| CVE-2024-30482 | WordPress Simple Revisions Delete plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30483 | WordPress Sponsors plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30484 | WordPress RT Easy Builder plugin <= 2.0 - Broken Access Control vulnerability | S | |
| CVE-2024-30485 | WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability | S | |
| CVE-2024-30486 | WordPress Media Library Folders plugin <= 8.1.7 - Auth. SQL Injection vulnerability | S | |
| CVE-2024-30487 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.1 - Broken Access Control vulnerability | S | |
| CVE-2024-30488 | WordPress Zotpress plugin <= 7.3.7 - SQL Injection vulnerability | S | |
| CVE-2024-30489 | WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.75 - SQL Injection vulnerability | S | |
| CVE-2024-30490 | WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability | S | |
| CVE-2024-30491 | WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability | S | |
| CVE-2024-30492 | WordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerability | S | |
| CVE-2024-30493 | WordPress Church Admin plugin <= 4.1.7 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30494 | WordPress OSS Aliyun plugin <= 1.4.10 - SQL Injection vulnerability | S | |
| CVE-2024-30495 | WordPress Falang multilanguage for WordPress plugin <= 1.3.47 - SQL Injection vulnerability | S | |
| CVE-2024-30496 | WordPress Element Pack Lite plugin <= 5.5.3 - SQL Injection vulnerability | S | |
| CVE-2024-30497 | WordPress WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.17 - SQL Injection vulnerability | S | |
| CVE-2024-30498 | WordPress CRM Perks Forms plugin <= 1.1.4 - Unauthenticated SQL Injection vulnerability | S | |
| CVE-2024-30499 | WordPress CRM Perks Forms plugin <= 1.1.4 - SQL Injection vulnerability | S | |
| CVE-2024-30500 | WordPress CubeWP plugin <= 1.1.12 - Arbitrary File Upload vulnerability | S | |
| CVE-2024-30501 | WordPress Download Monitor theme <= 4.9.4 - Auth. SQL Injection vulnerability | S | |
| CVE-2024-30502 | WordPress WP Travel Engine plugin <= 5.7.9 - Unauth. Blind SQL Injection vulnerability | S | |
| CVE-2024-30503 | WordPress Mailster plugin <= 4.0.6 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30504 | WordPress WP Travel Engine plugin <= 5.7.9 - SQL Injection vulnerability | S | |
| CVE-2024-30505 | WordPress Church Admin plugin <= 4.1.18 - Broken Access Control vulnerability | S | |
| CVE-2024-30506 | WordPress All In One Redirection plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30507 | WordPress Molongui Authorship plugin <= 4.7.7 - Insecure Direct Object References (IDOR) vulnerability | S | |
| CVE-2024-30508 | WordPress WP Hotel Booking plugin <= 2.0.9.2 - Broken Access Control vulnerability | S | |
| CVE-2024-30509 | WordPress SellKit plugin <= 1.8.1 - Arbitrary File Download vulnerability | S | |
| CVE-2024-30510 | WordPress Salon booking system plugin <= 9.5 - Arbitrary File Upload vulnerability | S | |
| CVE-2024-30511 | WordPress FG PrestaShop to WooCommerce plugin <= 4.45.1 - Sensitive Data Exposure via Log File vulnerability | S | |
| CVE-2024-30512 | WordPress weForms plugin <= 1.6.20 - Broken Access Control vulnerability | S | |
| CVE-2024-30513 | WordPress ProfileGrid plugin <= 5.7.2 - Insecure Direct Object References (IDOR) vulnerability | S | |
| CVE-2024-30514 | WordPress Paid Memberships Pro – Payfast Gateway Add On plugin <= 1.4.1 - Sensitive Data Exposure via Log File vulnerability | S | |
| CVE-2024-30515 | WordPress Events Manager plugin <= 6.4.6.4 - Broken Access Control vulnerability | S | |
| CVE-2024-30517 | WordPress Sliced Invoices plugin <= 3.9.2 - Broken Access Control vulnerability | S | |
| CVE-2024-30518 | WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30519 | WordPress Lordicon Animated Icons plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30520 | WordPress Carousel Anything For WPBakery Page Builder plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30521 | WordPress Landingi Landing Pages plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30522 | WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability | S | |
| CVE-2024-30523 | WordPress Paid Memberships Pro – Mailchimp Add On plugin <= 2.3.4 - Sensitive Data Exposure vulnerability | S | |
| CVE-2024-30524 | WordPress PDF Viewer for Elementor plugin <= 2.9.3 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30525 | WordPress Move Addons for Elementor plugin <= 1.2.9 - Broken Access Control vulnerability | S | |
| CVE-2024-30526 | WordPress Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin <= 6.5.6 - Cross Site Request Forgery (CSRF) vulnerability | | |
| CVE-2024-30527 | WordPress WP Express Checkout plugin <= 2.3.7 - Price Manipulation vulnerability | S | |
| CVE-2024-30528 | WordPress Spiffy Calendar plugin <= 4.9.10 - Broken Access Control vulnerability | S | |
| CVE-2024-30529 | WordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerability | S | |
| CVE-2024-30530 | WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.1 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30531 | WordPress Nelio Content plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability | S | |
| CVE-2024-30532 | WordPress Builderall Builder for WordPress plugin <= 2.0.1 - Server Side Request Forgery (SSRF) vulnerability | S | |
| CVE-2024-30533 | WordPress Layouts for Elementor plugin < 1.8 - Arbitrary File Upload vulnerability | S | |
| CVE-2024-30534 | WordPress Calendarista Basic Edition plugin <= 3.0.5 - Broken Access Control vulnerability | S | |
| CVE-2024-30535 | WordPress Easy Form Builder plugin <= 3.7.4 - SQL Injection vulnerability | S | |
| CVE-2024-30536 | WordPress Slugs Manager plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30537 | WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability | S | |
| CVE-2024-30538 | WordPress DELUCKS SEO plugin <= 2.5.4 - Broken Access Control vulnerability | S | |
| CVE-2024-30539 | WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability | S | |
| CVE-2024-30540 | WordPress VS Contact Form plugin <= 14.7 - Sum Captcha Bypass vulnerability | S | |
| CVE-2024-30541 | WordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30542 | WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated Privilege Escalation vulnerability | S | |
| CVE-2024-30543 | WordPress Whizzy plugin <= 1.1.18 - Insecure Direct Object References (IDOR) vulnerability | | |
| CVE-2024-30544 | WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability | | |
| CVE-2024-30545 | WordPress Social Author Bio plugin <= 2.4 - Stored XSS via Cross Site Request Forgery (CSRF) vulnerability | | |
| CVE-2024-30546 | WordPress Login With Ajax plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2024-30548 | WordPress underConstruction plugin <= 1.21 - Cross Site Scripting (XSS) vulnerability | S | |
| CVE-2024-30549 | WordPress Contact Forms by Cimatti plugin <= 1.8.0 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30550 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30551 | WordPress Sticky Anything plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30552 | WordPress Responsive flipbook plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30553 | WordPress WP Twitter Mega Fan Box Widget plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30554 | WordPress DD Rating plugin <= 1.7.1 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30555 | WordPress Ultimate Social Comments plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30556 | WordPress Mighty Classic Pros And Cons plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30557 | WordPress Aesop Story Engine plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30558 | WordPress Add Shortcodes Actions And Filters plugin <= 2.10 - Reflected Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30559 | WordPress Spin 360 deg and 3D Model Viewer plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30560 | WordPress DX-Watermark plugin <= 1.0.4 - CSRF to Arbitrary File Upload and XSS vulnerability | | |
| CVE-2024-30561 | WordPress Appointment Calendar plugin <= 2.9.6 - Reflected Cross Site Scripting (XSS) vulnerability | | |
| CVE-2024-30564 | An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker ... | | |
| CVE-2024-30565 | An issue was discovered in SeaCMS version 12.9, allows remote attackers to execute arbitrary code vi... | E | |
| CVE-2024-30567 | An issue in JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 allows a remote attacker to execute... | | |
| CVE-2024-30568 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr... | E | |
| CVE-2024-30569 | An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sens... | E | |
| CVE-2024-30570 | An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive... | E | |
| CVE-2024-30571 | An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obt... | E | |
| CVE-2024-30572 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_serve... | E | |
| CVE-2024-30583 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the ... | E | |
| CVE-2024-30584 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the form... | E | |
| CVE-2024-30585 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the save... | E | |
| CVE-2024-30586 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the f... | E | |
| CVE-2024-30587 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the savePare... | E | |
| CVE-2024-30588 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of th... | E | |
| CVE-2024-30589 | Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of t... | E | |
| CVE-2024-30590 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the ... | E | |
| CVE-2024-30591 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the savePare... | E | |
| CVE-2024-30592 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddr... | E | |
| CVE-2024-30593 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter o... | E | |
| CVE-2024-30594 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the add... | E | |
| CVE-2024-30595 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addW... | E | |
| CVE-2024-30596 | Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the form... | E | |
| CVE-2024-30597 | Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the f... | E | |
| CVE-2024-30598 | Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of th... | E | |
| CVE-2024-30599 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMa... | E | |
| CVE-2024-30600 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSch... | E | |
| CVE-2024-30601 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter of the saveParentCont... | E | |
| CVE-2024-30602 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setS... | E | |
| CVE-2024-30603 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls parameter of the saveParentCont... | E | |
| CVE-2024-30604 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListC... | E | |
| CVE-2024-30606 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the page parameter of the fromDhcpListCl... | E | |
| CVE-2024-30607 | Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceId parameter of the saveParent... | E | |
| CVE-2024-30612 | Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedU... | E | |
| CVE-2024-30613 | Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPo... | | |
| CVE-2024-30614 | An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via expose... | | |
| CVE-2024-30616 | Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users... | E S | |
| CVE-2024-30617 | A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," al... | E S | |
| CVE-2024-30618 | A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to... | E S | |
| CVE-2024-30619 | Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker ... | S | |
| CVE-2024-30620 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAd... | E | |
| CVE-2024-30621 | Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdv... | E | |
| CVE-2024-30622 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the mitInterface parameter from fro... | E | |
| CVE-2024-30623 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the page parameter from fromDhcpLis... | E | |
| CVE-2024-30624 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the urls parameter from saveParentC... | E | |
| CVE-2024-30625 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the entrys parameter from fromAddre... | E | |
| CVE-2024-30626 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the schedEndTime parameter from set... | E | |
| CVE-2024-30627 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the deviceId parameter from savePar... | E | |
| CVE-2024-30628 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the page parameter from fromAddress... | E | |
| CVE-2024-30629 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the list1 parameter from fromDhcpLi... | E | |
| CVE-2024-30630 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the time parameter from saveParentC... | E | |
| CVE-2024-30631 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the schedStartTime parameter from s... | E | |
| CVE-2024-30632 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the security_5g parameter from form... | E | |
| CVE-2024-30633 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the security parameter from the for... | E | |
| CVE-2024-30634 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the mitInterface parameter in the ... | E | |
| CVE-2024-30635 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in the funcpara1 parameter in ... | E | |
| CVE-2024-30636 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the PPPOEPassword parameter in the... | E | |
| CVE-2024-30637 | Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function in... | E | |
| CVE-2024-30638 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the entrys parameter in the fromAd... | E | |
| CVE-2024-30639 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability in the page parameter of fromAddressNa... | E | |
| CVE-2024-30645 | Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter.... | | |
| CVE-2024-30656 | An issue in Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 allows attackers to... | | |
| CVE-2024-30657 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30658 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30659 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30661 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30662 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30663 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30665 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30666 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30667 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30674 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30675 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30676 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30679 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30681 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30683 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30684 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30686 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30687 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30688 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30691 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30692 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30694 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30695 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30696 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30697 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30699 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30701 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30702 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30703 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30704 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30706 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30707 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30708 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30710 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30711 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30712 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30713 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30715 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30716 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30718 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30719 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30721 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30722 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30723 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30724 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30727 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30729 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30730 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30733 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30735 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30736 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30737 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2024-30799 | An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and ca... | | |
| CVE-2024-30800 | PX4 Autopilot v.1.14 allows an attacker to fly the drone into no-fly zones by breaching the geofence... | | |
| CVE-2024-30801 | SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a loc... | | |
| CVE-2024-30802 | An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges vi... | | |
| CVE-2024-30804 | An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an atta... | | |
| CVE-2024-30806 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::A... | E | |
| CVE-2024-30807 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_Unkno... | E | |
| CVE-2024-30808 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_SubSt... | E | |
| CVE-2024-30809 | An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample... | E | |
| CVE-2024-30840 | A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of serv... | | |
| CVE-2024-30845 | Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attac... | | |
| CVE-2024-30848 | Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote ... | | |
| CVE-2024-30849 | Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote a... | E | |
| CVE-2024-30850 | An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the Bu... | | |
| CVE-2024-30851 | Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to ob... | | |
| CVE-2024-30858 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php.... | E | |
| CVE-2024-30859 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php.... | E | |
| CVE-2024-30860 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php.... | E | |
| CVE-2024-30861 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php.... | E | |
| CVE-2024-30862 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php.... | E | |
| CVE-2024-30863 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php.... | E | |
| CVE-2024-30864 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupTimePolicy.php.... | E | |
| CVE-2024-30865 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php.... | E | |
| CVE-2024-30866 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php.... | E | |
| CVE-2024-30867 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php.... | E | |
| CVE-2024-30868 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php.... | E | |
| CVE-2024-30870 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address_interpret.php.... | E | |
| CVE-2024-30871 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/applyhardware.php.... | E | |
| CVE-2024-30872 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php.... | E | |
| CVE-2024-30875 | Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker... | | |
| CVE-2024-30878 | A cross-site scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute... | E | |
| CVE-2024-30879 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to... | E | |
| CVE-2024-30880 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to... | E | |
| CVE-2024-30883 | Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to... | E | |
| CVE-2024-30884 | Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote a... | | |
| CVE-2024-30885 | Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to exec... | E | |
| CVE-2024-30886 | A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows... | E | |
| CVE-2024-30889 | Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remo... | E M | |
| CVE-2024-30890 | Cross Site Scripting vulnerability in ED01-CMS v.1.0 allows an attacker to obtain sensitive informat... | E | |
| CVE-2024-30891 | A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which all... | E | |
| CVE-2024-30896 | InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organizat... | | |
| CVE-2024-30915 | An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a local a... | | |
| CVE-2024-30916 | An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a ... | E | |
| CVE-2024-30917 | An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a ... | | |
| CVE-2024-30920 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute ar... | E | |
| CVE-2024-30921 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute ar... | E | |
| CVE-2024-30922 | SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code via ... | E | |
| CVE-2024-30923 | SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary... | E | |
| CVE-2024-30924 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary ... | E | |
| CVE-2024-30925 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary ... | E | |
| CVE-2024-30926 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary ... | E | |
| CVE-2024-30927 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary ... | E | |
| CVE-2024-30928 | SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL com... | E | |
| CVE-2024-30929 | Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary ... | E | |
| CVE-2024-30931 | Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a re... | | |
| CVE-2024-30938 | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information... | | |
| CVE-2024-30939 | An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physic... | | |
| CVE-2024-30946 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/de... | E | |
| CVE-2024-30949 | An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in... | S | |
| CVE-2024-30950 | A stored cross-site scripting (XSS) vulnerability in FUDforum v3.1.3 allows attackers to execute arb... | | |
| CVE-2024-30951 | FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via t... | | |
| CVE-2024-30952 | A stored cross-site scripting (XSS) vulnerability in PESCMS-TEAM v2.3.6 allows attackers to execute ... | | |
| CVE-2024-30953 | A stored cross-site scripting (XSS) vulnerability in Htmly v2.9.5 allows attackers to execute arbitr... | | |
| CVE-2024-30961 | Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- R... | E | |
| CVE-2024-30962 | Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-h... | E | |
| CVE-2024-30963 | Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-h... | | |
| CVE-2024-30964 | Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- R... | | |
| CVE-2024-30965 | DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/de... | E | |
| CVE-2024-30973 | An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to ex... | | |
| CVE-2024-30974 | SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands vi... | | |
| CVE-2024-30977 | An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attac... | | |
| CVE-2024-30979 | Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to e... | E | |
| CVE-2024-30980 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows ... | E | |
| CVE-2024-30981 | SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System ... | E | |
| CVE-2024-30982 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows ... | | |
| CVE-2024-30983 | SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows ... | | |
| CVE-2024-30985 | SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using... | E | |
| CVE-2024-30986 | Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management Sys... | E | |
| CVE-2024-30987 | Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System... | E | |
| CVE-2024-30988 | Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System us... | E | |
| CVE-2024-30989 | Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management Syste... | E | |
| CVE-2024-30990 | SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP ... | E | |
| CVE-2024-30998 | SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers... | E |