CVE List - 2024 / January
Showing 401 - 500 of 2591 CVEs for January 2024 (Page 5 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-0289 | 2024-01-08 | Kashipara Food Management System stock_entry_submit.php sql injection |
| CVE-2024-0290 | 2024-01-08 | Kashipara Food Management System stock_edit.php sql injection |
| CVE-2024-0291 | 2024-01-08 | Totolink LR1200GB cstecgi.cgi UploadFirmwareFile command injection |
| CVE-2023-7215 | 2024-01-08 | Chanzhaoyu chatgpt-web cross site scripting |
| CVE-2023-50948 | 2024-01-08 | IBM Storage Fusion HCI information disclosure |
| CVE-2024-0292 | 2024-01-08 | Totolink LR1200GB cstecgi.cgi setOpModeCfg os command injection |
| CVE-2023-47140 | 2024-01-08 | IBM CICS Transaction Gateway improper access controls |
| CVE-2024-0293 | 2024-01-08 | Totolink LR1200GB cstecgi.cgi setUploadSetting os command injection |
| CVE-2024-0294 | 2024-01-08 | Totolink LR1200GB cstecgi.cgi setUssd os command injection |
| CVE-2024-0295 | 2024-01-08 | Totolink LR1200GB cstecgi.cgi setWanCfg os command injection |
| CVE-2024-0296 | 2024-01-08 | Totolink N200RE cstecgi.cgi NTPSyncWithHost os command injection |
| CVE-2024-0297 | 2024-01-08 | Totolink N200RE cstecgi.cgi UploadFirmwareFile os command injection |
| CVE-2024-0298 | 2024-01-08 | Totolink N200RE cstecgi.cgi setDiagnosisCfg os command injection |
| CVE-2024-0299 | 2024-01-08 | Totolink N200RE cstecgi.cgi setTracerouteCfg os command injection |
| CVE-2024-0300 | 2024-01-08 | Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload |
| CVE-2024-0301 | 2024-01-08 | fhs-opensource iparking PayTempOrderAction.java getData sql injection |
| CVE-2024-0302 | 2024-01-08 | fhs-opensource iparking vueLogin deserialization |
| CVE-2024-0303 | 2024-01-08 | Youke365 Parameter caiji.php server-side request forgery |
| CVE-2024-0304 | 2024-01-08 | Youke365 collect.php server-side request forgery |
| CVE-2024-0305 | 2024-01-08 | Guangzhou Yingke Electronic Technology Ncast Guest Login IPSetup.php information disclosure |
| CVE-2023-29048 | 2024-01-08 | A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands... |
| CVE-2023-29049 | 2024-01-08 | The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to... |
| CVE-2023-29050 | 2024-01-08 | The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break... |
| CVE-2024-0306 | 2024-01-08 | Kashipara Dynamic Lab Management System admin_login_process.php sql injection |
| CVE-2023-29051 | 2024-01-08 | User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not... |
| CVE-2023-29052 | 2024-01-08 | Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with... |
| CVE-2023-41710 | 2024-01-08 | User-defined script code could be stored for a upsell related shop URL. This code was not correctly sanitized when adding it to DOM. Attackers could lure victims to user accounts... |
| CVE-2023-5091 | 2024-01-08 | Mali GPU Kernel Driver allows improper GPU processing operations |
| CVE-2024-0307 | 2024-01-08 | Kashipara Dynamic Lab Management System login_process.php sql injection |
| CVE-2024-0308 | 2024-01-08 | Inis Proxy.php server-side request forgery |
| CVE-2023-6921 | 2024-01-08 | SQL Injection in PrestaShop Google Integrator |
| CVE-2024-0321 | 2024-01-08 | Stack-based Buffer Overflow in gpac/gpac |
| CVE-2023-6552 | 2024-01-08 | Open redirect in TasmoAdmin |
| CVE-2024-0322 | 2024-01-08 | Out-of-bounds Read in gpac/gpac |
| CVE-2024-21645 | 2024-01-08 | pyLoad Log Injection |
| CVE-2024-21644 | 2024-01-08 | pyLoad unauthenticated flask configuration leakage |
| CVE-2024-21647 | 2024-01-08 | HTTP Request/Response Smuggling in puma |
| CVE-2023-51701 | 2024-01-08 | @fastify-reply-from JSON Content-Type parsing confusion |
| CVE-2023-7224 | 2024-01-08 | OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable |
| CVE-2023-47211 | 2024-01-08 | A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious... |
| CVE-2023-38583 | 2024-01-08 | A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39443 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a... |
| CVE-2023-39444 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a... |
| CVE-2023-39413 | 2024-01-08 | Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to... |
| CVE-2023-39414 | 2024-01-08 | Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to... |
| CVE-2023-38657 | 2024-01-08 | An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-35989 | 2024-01-08 | An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-35057 | 2024-01-08 | An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need... |
| CVE-2023-39316 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-39317 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-34436 | 2024-01-08 | An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-39270 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39271 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39272 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39273 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39274 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39275 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39234 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-39235 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-35004 | 2024-01-08 | An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-38652 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to... |
| CVE-2023-38653 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to... |
| CVE-2023-38650 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to... |
| CVE-2023-38651 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to... |
| CVE-2023-38648 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38649 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38618 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38619 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38620 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38621 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38622 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-38623 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-36861 | 2024-01-08 | An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37282 | 2024-01-08 | An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37921 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37922 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37923 | 2024-01-08 | Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37573 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37574 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37575 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37576 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37577 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37578 | 2024-01-08 | Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open... |
| CVE-2023-37442 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37443 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37444 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37445 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37446 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37447 | 2024-01-08 | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-37416 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37417 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37418 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37419 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-37420 | 2024-01-08 | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-34087 | 2024-01-08 | An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim... |
| CVE-2023-36915 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-36916 | 2024-01-08 | Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need... |
| CVE-2023-36864 | 2024-01-08 | An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to... |
| CVE-2023-36746 | 2024-01-08 | Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to... |
| CVE-2023-36747 | 2024-01-08 | Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to... |