CVE List - 2024 / October
Showing 2601 - 2700 of 3571 CVEs for October 2024 (Page 27 of 36)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-30122 | 2024-10-23 | HCL Sametime is impacted by misconfigured security related HTTP headers |
| CVE-2024-10283 | 2024-10-23 | Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow |
| CVE-2024-10290 | 2024-10-23 | ZZCMS inc.php information disclosure |
| CVE-2024-47575 | 2024-10-23 | A missing authentication for critical function in FortiManager 7.6.0, FortiManager... |
| CVE-2024-49370 | 2024-10-23 | Change-Password via Portal-Profile sets PimcoreBackendUser password without hashing |
| CVE-2024-49675 | 2024-10-23 | WordPress iBryl Switch User plugin <= 1.0.1 - Account Takeover vulnerability |
| CVE-2024-49657 | 2024-10-23 | WordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Deletion vulnerability |
| CVE-2024-49684 | 2024-10-23 | WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - PHP Object Injection vulnerability |
| CVE-2024-49701 | 2024-10-23 | WordPress Mags theme <= 1.1.6 - Local File Inclusion vulnerability |
| CVE-2024-49690 | 2024-10-23 | WordPress Qi Blocks plugin <= 1.3.2 - Local File Inclusion vulnerability |
| CVE-2024-30124 | 2024-10-23 | HCL Sametime is impacted by insecure services |
| CVE-2024-10291 | 2024-10-23 | ZZCMS phome.php Ebak_DotranExecutSQL sql injection |
| CVE-2024-10292 | 2024-10-23 | ZZCMS ChangeTable.php unrestricted upload |
| CVE-2024-49676 | 2024-10-23 | WordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerability |
| CVE-2024-49671 | 2024-10-23 | WordPress AI Postpix plugin <= 1.1.8 - Arbitrary File Upload vulnerability |
| CVE-2024-49669 | 2024-10-23 | WordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerability |
| CVE-2024-49668 | 2024-10-23 | WordPress Verbalize WP plugin <= 1.0 - Arbitrary File Upload vulnerability |
| CVE-2024-49658 | 2024-10-23 | WordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerability |
| CVE-2024-49653 | 2024-10-23 | WordPress Portfolleo plugin <= 1.2 - Arbitrary File Upload vulnerability |
| CVE-2024-49652 | 2024-10-23 | WordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Upload vulnerability |
| CVE-2024-49751 | 2024-10-23 | Frappe Press possible HTML injection through SaaS Signup inputs |
| CVE-2024-10293 | 2024-10-23 | ZZCMS functions.php Ebak_SetGotoPak unrestricted upload |
| CVE-2024-10296 | 2024-10-23 | PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection |
| CVE-2024-49756 | 2024-10-23 | AshPostgres empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability. |
| CVE-2024-20264 | 2024-10-23 | Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2024-20268 | 2024-10-23 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability |
| CVE-2024-20269 | 2024-10-23 | Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2024-20260 | 2024-10-23 | Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability |
| CVE-2024-20273 | 2024-10-23 | Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2024-20274 | 2024-10-23 | Cisco Secure Firewall Management Center HTML Injection Vulnerability |
| CVE-2024-20275 | 2024-10-23 | Cisco Secure Firewall Management Center Software Backup Cluster Command Injection Vulnerability |
| CVE-2024-20297 | 2024-10-23 | Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability |
| CVE-2024-20298 | 2024-10-23 | Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2024-20299 | 2024-10-23 | Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability |
| CVE-2024-20300 | 2024-10-23 | Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2024-20329 | 2024-10-23 | Cisco Adaptive Security Appliance Software Remote Command Injection Vulnerability |
| CVE-2024-20330 | 2024-10-23 | Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series TCP UDP Snort 2 and Snort 2 Denial of Service Vulnerability |
| CVE-2024-20331 | 2024-10-23 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Authentication DoS Vulnerability |
| CVE-2024-20339 | 2024-10-23 | Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability |
| CVE-2024-20340 | 2024-10-23 | Cisco Secure Firewall Management Center SQL Injection Vulnerability |
| CVE-2024-20341 | 2024-10-23 | Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability |
| CVE-2024-20342 | 2024-10-23 | Cisco Firepower Threat Defense Software Rate Filter Bypass Vulnerability |
| CVE-2024-20351 | 2024-10-23 | Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability |
| CVE-2024-20364 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20370 | 2024-10-23 | A vulnerability in the Cisco FXOS CLI feature on specific... |
| CVE-2024-20372 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20374 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20377 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20379 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-10297 | 2024-10-23 | PHPGurukul Medical Card Generation System Managecard Edit Image Page changeimage.php sql injection |
| CVE-2024-20382 | 2024-10-23 | A vulnerability in the VPN web client services feature of... |
| CVE-2024-20384 | 2024-10-23 | A vulnerability in the Network Service Group (NSG) feature of... |
| CVE-2024-20386 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20387 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco FMC... |
| CVE-2024-20388 | 2024-10-23 | A vulnerability in the password change feature of Cisco Firepower... |
| CVE-2024-20402 | 2024-10-23 | A vulnerability in the SSL VPN feature for Cisco Adaptive... |
| CVE-2024-20403 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20407 | 2024-10-23 | A vulnerability in the interaction between the TCP Intercept feature... |
| CVE-2024-20408 | 2024-10-23 | A vulnerability in the Dynamic Access Policies (DAP) feature of... |
| CVE-2024-9949 | 2024-10-23 | Denial of Service in Forescout SecureConnector |
| CVE-2024-20409 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20410 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20412 | 2024-10-23 | A vulnerability in Cisco Firepower Threat Defense (FTD) Software for... |
| CVE-2024-20415 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Firepower... |
| CVE-2024-20424 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20426 | 2024-10-23 | A vulnerability in the Internet Key Exchange version 2 (IKEv2)... |
| CVE-2024-20431 | 2024-10-23 | A vulnerability in the geolocation access control feature of Cisco... |
| CVE-2024-20471 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20474 | 2024-10-23 | A vulnerability in Internet Key Exchange version 2 (IKEv2) processing... |
| CVE-2024-20472 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20473 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20481 | 2024-10-23 | A vulnerability in the Remote Access VPN (RAVPN) service of... |
| CVE-2024-20482 | 2024-10-23 | A vulnerability in the web-based management interface of Cisco Secure... |
| CVE-2024-20485 | 2024-10-23 | A vulnerability in the VPN web server of Cisco Adaptive... |
| CVE-2024-20493 | 2024-10-23 | A vulnerability in the login authentication functionality of the Remote... |
| CVE-2024-20494 | 2024-10-23 | A vulnerability in the TLS cryptography functionality of Cisco Adaptive... |
| CVE-2024-20495 | 2024-10-23 | A vulnerability in the Remote Access VPN feature of Cisco... |
| CVE-2024-20526 | 2024-10-23 | A vulnerability in the SSH server of Cisco Adaptive Security... |
| CVE-2024-48964 | 2024-10-23 | The package Snyk CLI before 1.1294.0 is vulnerable to Code... |
| CVE-2024-48963 | 2024-10-23 | The package Snyk CLI before 1.1294.0 is vulnerable to Code... |
| CVE-2024-10298 | 2024-10-23 | PHPGurukul Medical Card Generation System Managecard Edit Card Detail Page edit-card-detail.php sql injection |
| CVE-2024-10299 | 2024-10-23 | PHPGurukul Medical Card Generation System Managecard View Detail Page view-card-detail.php sql injection |
| CVE-2024-10300 | 2024-10-23 | PHPGurukul Medical Card Generation System View Enquiry Page view-enquiry.php sql injection |
| CVE-2024-10301 | 2024-10-23 | PHPGurukul Medical Card Generation System Search search-medicalcard.php sql injection |
| CVE-2023-50355 | 2024-10-23 | HCL Sametime is impacted by generation of error messages containing sensitive information |
| CVE-2024-40595 | 2024-10-24 | An authentication-bypass issue in the RDP component of One Identity... |
| CVE-2024-41617 | 2024-10-24 | Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect... |
| CVE-2024-41618 | 2024-10-24 | Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL... |
| CVE-2024-45242 | 2024-10-24 | EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2_c1.9.51 allow (blind) OS Command... |
| CVE-2024-45259 | 2024-10-24 | An issue was discovered on certain GL-iNet devices, including MT6000,... |
| CVE-2024-45260 | 2024-10-24 | An issue was discovered on certain GL-iNet devices, including MT6000,... |
| CVE-2024-45261 | 2024-10-24 | An issue was discovered on certain GL-iNet devices, including MT6000,... |
| CVE-2024-45262 | 2024-10-24 | An issue was discovered on certain GL-iNet devices, including MT6000,... |
| CVE-2024-45263 | 2024-10-24 | An issue was discovered on certain GL-iNet devices, including MT6000,... |
| CVE-2024-46478 | 2024-10-24 | HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. |
| CVE-2024-48139 | 2024-10-24 | A prompt injection vulnerability in the chatbox of Blackbox AI... |
| CVE-2024-48140 | 2024-10-24 | A prompt injection vulnerability in the chatbox of Butterfly Effect... |
| CVE-2024-48141 | 2024-10-24 | A prompt injection vulnerability in the chatbox of Zhipu AI... |
| CVE-2024-48142 | 2024-10-24 | A prompt injection vulnerability in the chatbox of Butterfly Effect... |
| CVE-2024-48143 | 2024-10-24 | A lack of rate limiting in the OTP validation component... |