ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2024-44000 | WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability | E S | |
CVE-2024-44001 | WordPress Royal Elementor Addons and Templates plugin <= 1.3.982 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44002 | WordPress Team Showcase plugin <= 1.22.25 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44003 | WordPress Spice Starter Sites plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44004 | WordPress WPCargo Track & Trace plugin <= 7.0.6 - SQL Injection vulnerability | | |
CVE-2024-44005 | WordPress Greenshift – animation and page builder blocks plugin <= 9.3.7 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44006 | WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.7 - Broken Access Control vulnerability | S | |
CVE-2024-44007 | WordPress SKT Templates – Elementor & Gutenberg templates plugin <= 6.14 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44008 | WordPress Geo Mashup plugin <= 1.13.12 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44009 | WordPress WCFM Marketplace <= 3.6.10 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44010 | WordPress Full frame theme <= 2.7.2 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44011 | WordPress WP Ticket Ultra plugin <= 1.0.5 - Local File Inclusion vulnerability | | |
CVE-2024-44012 | WordPress WP Newsletter Subscription plugin <= 1.1 - Local File Inclusion vulnerability | | |
CVE-2024-44013 | WordPress VR Calendar plugin <= 2.4.0 - Local File Inclusion vulnerability | | |
CVE-2024-44014 | WordPress Vmax Project Manager plugin <= 1.0 - Local File Inclusion to RCE vulnerability | | |
CVE-2024-44015 | WordPress Users Control plugin <= 1.0.16 - Local File Inclusion vulnerability | | |
CVE-2024-44016 | WordPress Podiant plugin <= 1.1 - Local File Inclusion vulnerability | | |
CVE-2024-44017 | WordPress MH Board plugin <= 1.3.2.1 - Local File Inclusion vulnerability | | |
CVE-2024-44018 | WordPress Instant Chat WP plugin <= 1.0.5 - Local File Inclusion vulnerability | | |
CVE-2024-44019 | WordPress Contact Form 7 Campaign Monitor Extension plugin <= 0.4.67 - Arbitrary File Deletion vulnerability | S | |
CVE-2024-44020 | WordPress WP Free SSL plugin <= 1.2.6 - Broken Access Control vulnerability | S | |
CVE-2024-44021 | WordPress Truepush plugin <= 1.0.8 - Broken Access Control vulnerability | S | |
CVE-2024-44022 | WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44023 | WordPress ABCApp Creator plugin <= 1.1.2 - Local File Inclusion vulnerability | | |
CVE-2024-44024 | WordPress Medical Addon for Elementor plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44025 | WordPress NiceJob plugin < 3.6.5 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44026 | WordPress Charity Addon for Elementor plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44027 | WordPress Gum Elementor Addon plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44028 | WordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44029 | WordPress Viala theme <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44030 | WordPress Checkout Mestres WP plugin <= 8.6 - Local File Inclusion vulnerability | S | |
CVE-2024-44031 | WordPress JoomSport plugin <= 5.6.3 - Broken Access Control vulnerability | S | |
CVE-2024-44032 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44033 | WordPress Primary Addon for Elementor plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44034 | WordPress WPSPX plugin <= 1.0.2 - Local File Inclusion vulnerability | | |
CVE-2024-44035 | WordPress Gum Elementor Addon plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44036 | WordPress Kodex Posts likes plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44037 | WordPress Multipurpose Ticket Booking Manager plugin <= 4.2.2 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44038 | WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability | S | |
CVE-2024-44039 | WordPress WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin <= 9.3.1 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44040 | WordPress ShiftController Employee Shift Scheduling plugin <= 4.9.64 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44041 | WordPress IdeaPush plugin <= 8.66 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44042 | WordPress WP Datepicker plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44043 | WordPress Photo Gallery by 10Web plugin <= 1.8.27 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44044 | WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44045 | WordPress WP Abstracts plugin <= 2.6.5 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44046 | WordPress Themify plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44047 | WordPress IMPress for IDX Broker plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44048 | WordPress Product Carousel Slider & Grid Ultimate for WooCommerce plugin <= 1.9.10 - Authenticated Local File Inclusion vulnerability | | |
CVE-2024-44049 | WordPress Gutenberg Blocks – Unlimited blocks For Gutenberg plugin <= 1.2.7 - Authenticated Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44050 | WordPress Verbosa theme <= 1.2.3 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44051 | WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44052 | WordPress HelloAsso plugin <= 1.1.10 - Broken Access Control vulnerability | S | |
CVE-2024-44053 | WordPress Opor Ayam theme <= 1.8 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44054 | WordPress Fluida theme <= 1.8.8 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44055 | WordPress Oshine Modules plugin < 3.3.6 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability | S | |
CVE-2024-44056 | WordPress Mantra theme <= 3.3.2 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44057 | WordPress Nirvana theme <= 1.6.3 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44058 | WordPress Parabola theme <= 2.4.1 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44059 | WordPress Custom Query Blocks plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44060 | WordPress filmix theme <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44061 | WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.14 - CSRF to Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44062 | WordPress Custom Field Template plugin <= 2.6.5 - Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44063 | WordPress Happyforms plugin <= 1.26.0 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2024-44064 | WordPress Like Button Rating LikeBtn plugin <= 2.6.54 - Reflected Cross Site Scripting (XSS) vulnerability | | |
CVE-2024-44067 | The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 h... | | |
CVE-2024-44068 | An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor ... | | |
CVE-2024-44069 | Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= calls to change the temperature u... | | |
CVE-2024-44070 | An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not ... | S | |
CVE-2024-44072 | OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters... | | |
CVE-2024-44073 | The Miniscript (aka rust-miniscript) library before 12.2.0 for Rust allows stack consumption because... | S | |
CVE-2024-44076 | In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrat... | S | |
CVE-2024-44080 | In Jitsi Meet before 2.0.9779, the functionality to share an image using giphy was implemented in an... | | |
CVE-2024-44081 | In Jitsi Meet before 2.0.9779, the functionality to share a video file was implemented in an insecur... | | |
CVE-2024-44082 | In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in... | | |
CVE-2024-44083 | ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked... | E | |
CVE-2024-44085 | ONLYOFFICE Docs before 8.1.0 allows XSS via a GeneratorFunction Object attack against a macro. This ... | | |
CVE-2024-44087 | A vulnerability has been identified in Automation License Manager V5 (All versions), Automation Lice... | | |
CVE-2024-44092 | There is a possible LCS signing enforcement missing due to test/debugging code left in a production... | | |
CVE-2024-44093 | In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic err... | | |
CVE-2024-44094 | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper in... | | |
CVE-2024-44095 | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error ... | | |
CVE-2024-44096 | There is a possible arbitrary read due to an insecure default value. This could lead to local inform... | | |
CVE-2024-44097 | According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. ... | | |
CVE-2024-44098 | In lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation d... | | |
CVE-2024-44099 | There is a possible Local bypass of user interaction due to an insecure default value. This could le... | | |
CVE-2024-44100 | Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem compone... | | |
CVE-2024-44101 | There is a possible Null Pointer Dereference (modem crash) due to improper input validation. This co... | | |
CVE-2024-44102 | A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-... | S | |
CVE-2024-44103 | DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allo... | | |
CVE-2024-44104 | An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the manag... | | |
CVE-2024-44105 | Cleartext transmission of sensitive information in the management console of Ivanti Workspace Contro... | | |
CVE-2024-44106 | Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.1... | | |
CVE-2024-44107 | DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allo... | | |
CVE-2024-44112 | Missing Authorization check in SAP for Oil & Gas (Transportation and Distribution) | S | |
CVE-2024-44113 | Information Disclosure vulnerability in the SAP Business Warehouse (BEx Analyzer) | | |
CVE-2024-44114 | Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform | S | |
CVE-2024-44115 | Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform | | |
CVE-2024-44116 | Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform | | |
CVE-2024-44117 | Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform | | |
CVE-2024-44120 | Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal | | |
CVE-2024-44121 | Information Disclosure in SAP S/4 HANA (Statutory Reports) | | |
CVE-2024-44122 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS... | | |
CVE-2024-44123 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia... | | |
CVE-2024-44124 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS... | | |
CVE-2024-44125 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoi... | | |
CVE-2024-44126 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Seq... | | |
CVE-2024-44127 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPad... | | |
CVE-2024-44128 | This issue was addressed by adding an additional prompt for user consent. This issue is fixed in mac... | | |
CVE-2024-44129 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sequo... | | |
CVE-2024-44130 | This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An ... | | |
CVE-2024-44131 | This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPa... | | |
CVE-2024-44132 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15... | | |
CVE-2024-44133 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. O... | | |
CVE-2024-44134 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
CVE-2024-44135 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma ... | | |
CVE-2024-44136 | This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPad... | | |
CVE-2024-44137 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Seq... | | |
CVE-2024-44139 | The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attack... | | |
CVE-2024-44141 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A person wit... | | |
CVE-2024-44142 | The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Proc... | | |
CVE-2024-44144 | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and... | | |
CVE-2024-44145 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15,... | | |
CVE-2024-44146 | A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An... | | |
CVE-2024-44147 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS... | | |
CVE-2024-44148 | This issue was addressed with improved validation of file attributes. This issue is fixed in macOS S... | | |
CVE-2024-44149 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia... | | |
CVE-2024-44151 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura... | | |
CVE-2024-44152 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44153 | The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, m... | | |
CVE-2024-44154 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in ma... | | |
CVE-2024-44155 | A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed... | | |
CVE-2024-44156 | A path deletion vulnerability was addressed by preventing vulnerable code from running with privileg... | | |
CVE-2024-44157 | A stack buffer overflow was addressed through improved input validation. This issue is fixed in Appl... | | |
CVE-2024-44158 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO... | | |
CVE-2024-44159 | A path deletion vulnerability was addressed by preventing vulnerable code from running with privileg... | | |
CVE-2024-44160 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ve... | | |
CVE-2024-44161 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Vent... | | |
CVE-2024-44162 | This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious ... | | |
CVE-2024-44163 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sonom... | | |
CVE-2024-44164 | This issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, macO... | | |
CVE-2024-44165 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.... | | |
CVE-2024-44166 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44167 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7,... | | |
CVE-2024-44168 | A library injection issue was addressed with additional restrictions. This issue is fixed in macOS V... | | |
CVE-2024-44169 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7, iO... | | |
CVE-2024-44170 | A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixe... | | |
CVE-2024-44171 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPad... | | |
CVE-2024-44172 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44174 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An attacker m... | | |
CVE-2024-44175 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia ... | | |
CVE-2024-44176 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in ma... | | |
CVE-2024-44177 | A privacy issue was addressed by removing sensitive data. This issue is fixed in macOS Ventura 13.7,... | | |
CVE-2024-44178 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura ... | | |
CVE-2024-44179 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in i... | | |
CVE-2024-44180 | The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attack... | | |
CVE-2024-44181 | An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventu... | | |
CVE-2024-44182 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
CVE-2024-44183 | A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7,... | | |
CVE-2024-44184 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura... | | |
CVE-2024-44185 | The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari... | | |
CVE-2024-44186 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Seq... | | |
CVE-2024-44187 | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of se... | | |
CVE-2024-44188 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia... | | |
CVE-2024-44189 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue... | | |
CVE-2024-44190 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 1... | | |
CVE-2024-44191 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPad... | | |
CVE-2024-44192 | The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, S... | | |
CVE-2024-44193 | A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Wi... | | |
CVE-2024-44194 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in wa... | | |
CVE-2024-44195 | A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An ... | | |
CVE-2024-44196 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura... | | |
CVE-2024-44197 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, ... | | |
CVE-2024-44198 | An integer overflow was addressed through improved input validation. This issue is fixed in visionOS... | | |
CVE-2024-44199 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Son... | | |
CVE-2024-44200 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO... | | |
CVE-2024-44201 | The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS V... | | |
CVE-2024-44202 | An authentication issue was addressed with improved state management. This issue is fixed in iOS 18 ... | | |
CVE-2024-44203 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia... | | |
CVE-2024-44204 | A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 1... | | |
CVE-2024-44205 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44206 | An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in ... | | |
CVE-2024-44207 | This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. ... | | |
CVE-2024-44208 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.... | | |
CVE-2024-44211 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia ... | | |
CVE-2024-44212 | A cookie management issue was addressed with improved state management. This issue is fixed in Safar... | | |
CVE-2024-44213 | An issue existed in the parsing of URLs. This issue was addressed with improved input validation. Th... | | |
CVE-2024-44215 | This issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS... | | |
CVE-2024-44216 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ven... | | |
CVE-2024-44217 | A permissions issue was addressed by removing vulnerable code and adding additional checks. This iss... | | |
CVE-2024-44218 | This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, ... | | |
CVE-2024-44220 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, ma... | | |
CVE-2024-44222 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
CVE-2024-44223 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.... | | |
CVE-2024-44224 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia... | | |
CVE-2024-44225 | A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2... | | |
CVE-2024-44227 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18 and iPadOS 18, ... | | |
CVE-2024-44228 | This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app... | | |
CVE-2024-44229 | An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1... | | |
CVE-2024-44231 | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.... | | |
CVE-2024-44232 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, mac... | | |
CVE-2024-44233 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, mac... | | |
CVE-2024-44234 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, mac... | | |
CVE-2024-44235 | The issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An at... | | |
CVE-2024-44236 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in ma... | | |
CVE-2024-44237 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in ma... | | |
CVE-2024-44239 | An information disclosure issue was addressed with improved private data redaction for log entries. ... | | |
CVE-2024-44240 | The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS ... | | |
CVE-2024-44241 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1... | | |
CVE-2024-44242 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1... | | |
CVE-2024-44243 | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequo... | | |
CVE-2024-44244 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
CVE-2024-44245 | The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, visionO... | | |
CVE-2024-44246 | The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in ... | | |
CVE-2024-44247 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44248 | This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.... | | |
CVE-2024-44251 | This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPad... | | |
CVE-2024-44252 | A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS ... | | |
CVE-2024-44253 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44254 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in wa... | | |
CVE-2024-44255 | A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18... | | |
CVE-2024-44256 | The issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.7.... | | |
CVE-2024-44257 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
CVE-2024-44258 | This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPa... | | |
CVE-2024-44259 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iP... | | |
CVE-2024-44260 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.... | | |
CVE-2024-44261 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in i... | | |
CVE-2024-44262 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in vi... | | |
CVE-2024-44263 | A logic issue was addressed with improved state management. This issue is fixed in iOS 18.1 and iPad... | | |
CVE-2024-44264 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura ... | | |
CVE-2024-44265 | The issue was addressed by restricting options offered on a locked device. This issue is fixed in ma... | | |
CVE-2024-44267 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44269 | A logic issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, i... | | |
CVE-2024-44270 | A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1, m... | | |
CVE-2024-44273 | This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPa... | | |
CVE-2024-44274 | The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 1... | | |
CVE-2024-44275 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44276 | This issue was addressed by using HTTPS when sending information over the network. This issue is fix... | | |
CVE-2024-44277 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18... | | |
CVE-2024-44278 | An information disclosure issue was addressed with improved private data redaction for log entries. ... | | |
CVE-2024-44279 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ven... | | |
CVE-2024-44280 | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing res... | | |
CVE-2024-44281 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ven... | | |
CVE-2024-44282 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1... | | |
CVE-2024-44283 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Vent... | | |
CVE-2024-44284 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in ma... | | |
CVE-2024-44285 | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.... | | |
CVE-2024-44287 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44289 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44290 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO... | | |
CVE-2024-44291 | A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, ... | | |
CVE-2024-44292 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44293 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44294 | A path deletion vulnerability was addressed by preventing vulnerable code from running with privileg... | | |
CVE-2024-44295 | This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura 13... | | |
CVE-2024-44296 | The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS ... | | |
CVE-2024-44297 | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 18.1, iOS 18.1 and ... | | |
CVE-2024-44298 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
CVE-2024-44299 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1... | | |
CVE-2024-44300 | A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, ... | | |
CVE-2024-44301 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Son... | | |
CVE-2024-44302 | The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS ... | | |
CVE-2024-44305 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. ... | | |
CVE-2024-44306 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS So... | | |
CVE-2024-44307 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS So... | | |
CVE-2024-44308 | The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and i... | KEV | |
CVE-2024-44309 | A cookie management issue was addressed with improved state management. This issue is fixed in Safar... | KEV | |
CVE-2024-44313 | TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function with... | E | |
CVE-2024-44314 | TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management Syste... | | |
CVE-2024-44331 | Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remo... | | |
CVE-2024-44333 | D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18... | | |
CVE-2024-44334 | D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18... | | |
CVE-2024-44335 | D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1... | | |
CVE-2024-44336 | An issue in AnkiDroid Android Application v2.17.6 allows attackers to retrieve internal files from t... | | |
CVE-2024-44337 | The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering... | | |
CVE-2024-44340 | D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability... | | |
CVE-2024-44341 | D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability... | | |
CVE-2024-44342 | D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability... | | |
CVE-2024-44349 | A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated att... | | |
CVE-2024-44375 | D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function.... | E | |
CVE-2024-44381 | D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in jhttpd msp_info_htm functio... | E | |
CVE-2024-44382 | D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd upgrade_filter_a... | E | |
CVE-2024-44383 | WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.... | E | |
CVE-2024-44386 | Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function fromSetIpBi... | | |
CVE-2024-44387 | Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlExtr... | | |
CVE-2024-44390 | Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafe... | | |
CVE-2024-44400 | A vulnerability was discovered in DI_8400-16.07.26A1, which has been classified as critical. This is... | E | |
CVE-2024-44401 | D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the upgrade_... | E | |
CVE-2024-44402 | D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.... | E | |
CVE-2024-44408 | D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows unauth... | E | |
CVE-2024-44410 | D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.... | E | |
CVE-2024-44411 | D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the msp_info_htm function.... | E | |
CVE-2024-44413 | A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This is... | | |
CVE-2024-44414 | A vulnerability was discovered in FBM_292W-21.03.10V, which has been classified as critical. This is... | | |
CVE-2024-44415 | A vulnerability was discovered in DI_8200-16.07.26A1. There is a buffer overflow in the dbsrv_asp fu... | | |
CVE-2024-44430 | SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to e... | E | |
CVE-2024-44439 | An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing Collaborative ... | | |
CVE-2024-44445 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2024-44449 | Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to obtai... | | |
CVE-2024-44450 | Multiple functions are vulnerable to Authorization Bypass in AIMS eCrew. The issue was fixed in vers... | | |
CVE-2024-44459 | A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS) via ... | | |
CVE-2024-44460 | An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).... | | |
CVE-2024-44466 | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can s... | E | |
CVE-2024-44540 | Ubiquiti AirMax firmware version 8 allows attackers with physical access to gain a ... | | |
CVE-2024-44541 | evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" pa... | | |
CVE-2024-44542 | SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via t... | | |
CVE-2024-44546 | Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.... | | |
CVE-2024-44549 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function form... | E | |
CVE-2024-44550 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function f... | E | |
CVE-2024-44551 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function for... | E | |
CVE-2024-44552 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
CVE-2024-44553 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function form... | E | |
CVE-2024-44555 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function set... | E | |
CVE-2024-44556 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi... | E | |
CVE-2024-44557 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setI... | E | |
CVE-2024-44558 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function s... | E | |
CVE-2024-44563 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setI... | E | |
CVE-2024-44565 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fa... | E | |
CVE-2024-44570 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getPar... | | |
CVE-2024-44571 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService func... | | |
CVE-2024-44572 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys... | | |
CVE-2024-44573 | A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to ... | | |
CVE-2024-44574 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys... | | |
CVE-2024-44575 | RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessio... | | |
CVE-2024-44577 | RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the tim... | | |
CVE-2024-44587 | itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via th... | E | |
CVE-2024-44589 | Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmw... | E | |
CVE-2024-44610 | PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Comm... | | |
CVE-2024-44623 | An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via... | | |
CVE-2024-44625 | Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/r... | E | |
CVE-2024-44667 | Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15.35_P0... | | |
CVE-2024-44674 | D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REF... | E | |
CVE-2024-44676 | eladmin v2.7 and before is vulnerable to Cross Site Scripting (XSS) which allows an attacker to exec... | E | |
CVE-2024-44677 | eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker... | E | |
CVE-2024-44678 | Gigastone TR1 Travel Router R101 v1.0.2 is vulnerable to Command Injection. This allows an authentic... | | |
CVE-2024-44682 | ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend that allows attackers to execu... | | |
CVE-2024-44683 | Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php.... | | |
CVE-2024-44684 | TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the "Titl... | | |
CVE-2024-44685 | Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability where s... | | |
CVE-2024-44711 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2024-44716 | A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary w... | | |
CVE-2024-44717 | A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary w... | | |
CVE-2024-44720 | SeaCMS v13.1 was discovered to contain an arbitrary file read vulnerability via the component admin_safe.php... | E | |
CVE-2024-44721 | SeaCMS v13.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at /admin_... | E | |
CVE-2024-44724 | AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parame... | E | |
CVE-2024-44725 | AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /a... | E | |
CVE-2024-44727 | Sourcecodehero Event Management System 1.0 is vulnerable to SQL Injection via the parameter 'username... | E | |
CVE-2024-44728 | Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Na... | E | |
CVE-2024-44729 | Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows ... | | |
CVE-2024-44730 | Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commi... | | |
CVE-2024-44731 | Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS) vulne... | | |
CVE-2024-44734 | Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change use... | | |
CVE-2024-44739 | Sourcecodester Simple Forum Website v1.0 has a SQL injection vulnerability in /php-sqlite-forum/?pag... | E | |
CVE-2024-44744 | An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via ... | | |
CVE-2024-44754 | Cryptographic key extraction from internal flash in Minut M2 with firmware version #15142 allows phy... | | |
CVE-2024-44756 | NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via th... | | |
CVE-2024-44757 | An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Mana... | | |
CVE-2024-44758 | An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Managem... | | |
CVE-2024-44759 | An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management... | | |
CVE-2024-44760 | Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Ma... | E | |
CVE-2024-44761 | An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory tr... | E | |
CVE-2024-44762 | A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers... | | |
CVE-2024-44765 | An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH Cloud... | | |
CVE-2024-44771 | BigId PrivacyPortal v179 is vulnerable to Cross Site Scripting (XSS) via the "Label" field in the Re... | E | |
CVE-2024-44775 | An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service (DoS) via a crafted request.... | | |
CVE-2024-44776 | An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redire... | | |
CVE-2024-44777 | A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTige... | | |
CVE-2024-44778 | A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vT... | | |
CVE-2024-44779 | A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of ... | | |
CVE-2024-44786 | Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books v... | | |
CVE-2024-44793 | A cross-site scripting (XSS) vulnerability in the component /managers/multiple_freeleech.php of Gaze... | E | |
CVE-2024-44794 | A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of Pic... | E | |
CVE-2024-44795 | A cross-site scripting (XSS) vulnerability in the component /login/disabled.php of Gazelle commit 63... | E | |
CVE-2024-44796 | A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader c... | E | |
CVE-2024-44797 | A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle... | E | |
CVE-2024-44798 | phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass... | E | |
CVE-2024-44807 | A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor L... | | |
CVE-2024-44808 | An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via the... | | |
CVE-2024-44809 | A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0, maintained... | | |
CVE-2024-44812 | SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate priv... | | |
CVE-2024-44815 | Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to... | E | |
CVE-2024-44817 | SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sensitive ... | E | |
CVE-2024-44818 | Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sen... | E | |
CVE-2024-44819 | Cross Site Scripting vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain sen... | E | |
CVE-2024-44820 | A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo... | E | |
CVE-2024-44821 | ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The che... | E | |
CVE-2024-44825 | Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3 v3.... | | |
CVE-2024-44837 | A cross-site scripting (XSS) vulnerability in the component \bean\Manager.java of Drug v1.0 allows a... | E | |
CVE-2024-44838 | RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the username parameter a... | E | |
CVE-2024-44839 | RapidCMS v1.3.1 was discovered to contain a SQL injection vulnerability via the articleid parameter ... | E | |
CVE-2024-44843 | An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authenticati... | E | |
CVE-2024-44844 | DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerabilit... | E | |
CVE-2024-44845 | DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerabilit... | E | |
CVE-2024-44849 | Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkA... | | |
CVE-2024-44851 | A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 all... | E | |
CVE-2024-44852 | Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segme... | E | |
CVE-2024-44853 | Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL ... | E | |
CVE-2024-44854 | Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL ... | E | |
CVE-2024-44855 | Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL ... | E | |
CVE-2024-44856 | Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL ... | E | |
CVE-2024-44859 | Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.... | E | |
CVE-2024-44860 | An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows a... | | |
CVE-2024-44866 | A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to... | | |
CVE-2024-44867 | phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoloa... | | |
CVE-2024-44871 | An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows at... | E | |
CVE-2024-44872 | A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute a... | E | |
CVE-2024-44893 | An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to esc... | | |
CVE-2024-44902 | A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary c... | | |
CVE-2024-44903 | SQL Injection can occur in the SirsiDynix Horizon Information Portal (IPAC20) through 3.25_9382; how... | E | |
CVE-2024-44910 | NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_... | E | |
CVE-2024-44911 | NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_t... | | |
CVE-2024-44912 | NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_t... | | |
CVE-2024-44913 | An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an ac... | E | |
CVE-2024-44914 | An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an ac... | E | |
CVE-2024-44915 | An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an ac... | E | |
CVE-2024-44916 | Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP param... | E | |
CVE-2024-44918 | A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9 all... | E | |
CVE-2024-44919 | A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows att... | E | |
CVE-2024-44920 | A cross-site scripting (XSS) vulnerability in the component admin_collect_news.php of SeaCMS v12.9 a... | E | |
CVE-2024-44921 | SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplay... | E | |
CVE-2024-44930 | Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows att... | | |
CVE-2024-44931 | gpio: prevent potential speculation leaks in gpio_device_get_desc() | S | |
CVE-2024-44932 | idpf: fix UAFs when destroying the queues | S | |
CVE-2024-44933 | bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl() | S | |
CVE-2024-44934 | net: bridge: mcast: wait for previous gc cycles when removing port | S | |
CVE-2024-44935 | sctp: Fix null-ptr-deref in reuseport_add_sock(). | S | |
CVE-2024-44936 | power: supply: rt5033: Bring back i2c_set_clientdata | S | |
CVE-2024-44937 | platform/x86: intel-vbtn: Protect ACPI notify handler against recursion | S | |
CVE-2024-44938 | jfs: Fix shift-out-of-bounds in dbDiscardAG | S | |
CVE-2024-44939 | jfs: fix null ptr deref in dtInsertEntry | S | |
CVE-2024-44940 | fou: remove warn in gue_gro_receive on unsupported protocol | S | |
CVE-2024-44941 | f2fs: fix to cover read extent cache access with lock | S | |
CVE-2024-44942 | f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC | S | |
CVE-2024-44943 | mm: gup: stop abusing try_grab_folio | S | |
CVE-2024-44944 | netfilter: ctnetlink: use helper function to calculate expect ID | S | |
CVE-2024-44945 | netfilter: nfnetlink: Initialise extack before use in ACKs | S | |
CVE-2024-44946 | kcm: Serialise kcm_sendmsg() for the same socket. | S | |
CVE-2024-44947 | fuse: Initialize beyond-EOF page contents before setting uptodate | S | |
CVE-2024-44948 | x86/mtrr: Check if fixed MTRRs exist before saving them | | |
CVE-2024-44949 | parisc: fix a possible DMA corruption | S | |
CVE-2024-44950 | serial: sc16is7xx: fix invalid FIFO access with special register set | S | |
CVE-2024-44951 | serial: sc16is7xx: fix TX fifo corruption | S | |
CVE-2024-44952 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2024-44953 | scsi: ufs: core: Fix deadlock during RTC update | S | |
CVE-2024-44954 | ALSA: line6: Fix racy access to midibuf | S | |
CVE-2024-44955 | drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute | S | |
CVE-2024-44956 | drm/xe/preempt_fence: enlarge the fence critical section | S | |
CVE-2024-44957 | xen: privcmd: Switch from mutex to spinlock for irqfds | S | |
CVE-2024-44958 | sched/smt: Fix unbalance sched_smt_present dec/inc | S | |
CVE-2024-44959 | tracefs: Use generic inode RCU for synchronizing freeing | S | |
CVE-2024-44960 | usb: gadget: core: Check for unset descriptor | S | |
CVE-2024-44961 | drm/amdgpu: Forward soft recovery errors to userspace | S | |
CVE-2024-44962 | Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading | S | |
CVE-2024-44963 | btrfs: do not BUG_ON() when freeing tree block after error | S | |
CVE-2024-44964 | idpf: fix memory leaks and crashes while performing a soft reset | S | |
CVE-2024-44965 | x86/mm: Fix pti_clone_pgtable() alignment assumption | S | |
CVE-2024-44966 | binfmt_flat: Fix corruption when not offsetting data start | S | |
CVE-2024-44967 | drm/mgag200: Bind I2C lifetime to DRM device | S | |
CVE-2024-44968 | tick/broadcast: Move per CPU pointer access into the atomic section | S | |
CVE-2024-44969 | s390/sclp: Prevent release of buffer in I/O | S | |
CVE-2024-44970 | net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink | S | |
CVE-2024-44971 | net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() | S | |
CVE-2024-44972 | btrfs: do not clear page dirty inside extent_write_locked_range() | S | |
CVE-2024-44973 | mm, slub: do not call do_slab_free for kfence object | S | |
CVE-2024-44974 | mptcp: pm: avoid possible UaF when selecting endp | S | |
CVE-2024-44975 | cgroup/cpuset: fix panic caused by partcmd_update | S | |
CVE-2024-44976 | ata: pata_macio: Fix DMA table overflow | S | |
CVE-2024-44977 | drm/amdgpu: Validate TA binary size | S | |
CVE-2024-44978 | drm/xe: Free job before xe_exec_queue_put | S | |
CVE-2024-44979 | drm/xe: Fix missing workqueue destroy in xe_gt_pagefault | S | |
CVE-2024-44980 | drm/xe: Fix opregion leak | S | |
CVE-2024-44981 | workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() | S | |
CVE-2024-44982 | drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails | S | |
CVE-2024-44983 | netfilter: flowtable: validate vlan header | S | |
CVE-2024-44984 | bnxt_en: Fix double DMA unmapping for XDP_REDIRECT | S | |
CVE-2024-44985 | ipv6: prevent possible UAF in ip6_xmit() | S | |
CVE-2024-44986 | ipv6: fix possible UAF in ip6_finish_output2() | S | |
CVE-2024-44987 | ipv6: prevent UAF in ip6_send_skb() | S | |
CVE-2024-44988 | net: dsa: mv88e6xxx: Fix out-of-bound access | S | |
CVE-2024-44989 | bonding: fix xfrm real_dev null pointer dereference | S | |
CVE-2024-44990 | bonding: fix null pointer deref in bond_ipsec_offload_ok | S | |
CVE-2024-44991 | tcp: prevent concurrent execution of tcp_sk_exit_batch | S | |
CVE-2024-44992 | smb/client: avoid possible NULL dereference in cifs_free_subrequest() | S | |
CVE-2024-44993 | drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()` | S | |
CVE-2024-44994 | iommu: Restore lost return in iommu_report_device_fault() | S | |
CVE-2024-44995 | net: hns3: fix a deadlock problem when config TC during resetting | S | |
CVE-2024-44996 | vsock: fix recursive ->recvmsg calls | S | |
CVE-2024-44997 | net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() | S | |
CVE-2024-44998 | atm: idt77252: prevent use after free in dequeue_rx() | S | |
CVE-2024-44999 | gtp: pull network headers in gtp_dev_xmit() | S |