CVE List - 2024 / October
Showing 501 - 600 of 3571 CVEs for October 2024 (Page 6 of 36)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-44024 | 2024-10-06 | WordPress Medical Addon for Elementor plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44022 | 2024-10-06 | WordPress Review & testimonial widgets plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-44010 | 2024-10-06 | WordPress Full frame theme <= 2.7.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-47650 | 2024-10-06 | WordPress WP-WebAuthn plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-47350 | 2024-10-06 | WordPress YITH WooCommerce Ajax Search plugin <= 2.8.0 - SQL Injection vulnerability |
| CVE-2024-47338 | 2024-10-06 | WordPress WPExperts Square For GiveWP plugin <= 1.3 - SQL Injection vulnerability |
| CVE-2024-9555 | 2024-10-06 | D-Link DIR-605L formSetEasy_Wizard buffer overflow |
| CVE-2024-9556 | 2024-10-06 | D-Link DIR-605L formSetEnableWizard buffer overflow |
| CVE-2024-9557 | 2024-10-06 | D-Link DIR-605L formSetWanPPPoE buffer overflow |
| CVE-2024-9558 | 2024-10-06 | D-Link DIR-605L formSetWanPPTP buffer overflow |
| CVE-2024-9559 | 2024-10-06 | D-Link DIR-605L formWlanSetup buffer overflow |
| CVE-2024-9560 | 2024-10-06 | ESAFENET CDG Catelogs;logindojojs delCatelogs sql injection |
| CVE-2024-9561 | 2024-10-06 | D-Link DIR-605L formSetWAN_Wizard52 buffer overflow |
| CVE-2024-9562 | 2024-10-06 | D-Link DIR-605L formSetWizard2 buffer overflow |
| CVE-2024-9563 | 2024-10-06 | D-Link DIR-605L formWlanSetup_Wizard buffer overflow |
| CVE-2024-42831 | 2024-10-07 | A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM... |
| CVE-2024-44068 | 2024-10-07 | An issue was discovered in the m2m scaler driver in... |
| CVE-2024-44674 | 2024-10-07 | D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the... |
| CVE-2024-45873 | 2024-10-07 | A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers... |
| CVE-2024-45874 | 2024-10-07 | A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers... |
| CVE-2024-45894 | 2024-10-07 | BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name... |
| CVE-2024-45919 | 2024-10-07 | A security flaw has been discovered in Solvait version 24.4.2... |
| CVE-2024-45932 | 2024-10-07 | Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2024-45933 | 2024-10-07 | OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which... |
| CVE-2024-46040 | 2024-10-07 | IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient... |
| CVE-2024-46041 | 2024-10-07 | IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication... |
| CVE-2024-46076 | 2024-10-07 | RuoYi v4.7.9 and before has a security flaw that allows... |
| CVE-2024-46278 | 2024-10-07 | Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2024-46300 | 2024-10-07 | itsourcecode Placement Management System 1.0 is vulnerable to Cross Site... |
| CVE-2024-46325 | 2024-10-07 | TP-Link WR740N V6 has a stack overflow vulnerability via the... |
| CVE-2024-46446 | 2024-10-07 | Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker... |
| CVE-2024-28709 | 2024-10-07 | Cross Site Scripting vulnerability in LimeSurvey before 6.5.12+240611 allows a... |
| CVE-2024-28710 | 2024-10-07 | Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a... |
| CVE-2024-9564 | 2024-10-07 | D-Link DIR-605L formWlanWizardSetup buffer overflow |
| CVE-2024-9565 | 2024-10-07 | D-Link DIR-605L formSetPassword buffer overflow |
| CVE-2024-20090 | 2024-10-07 | In vdec, there is a possible out of bounds write... |
| CVE-2024-20091 | 2024-10-07 | In vdec, there is a possible out of bounds read... |
| CVE-2024-20092 | 2024-10-07 | In vdec, there is a possible out of bounds write... |
| CVE-2024-20093 | 2024-10-07 | In vdec, there is a possible out of bounds read... |
| CVE-2024-20100 | 2024-10-07 | In wlan driver, there is a possible out of bounds... |
| CVE-2024-20101 | 2024-10-07 | In wlan driver, there is a possible out of bounds... |
| CVE-2024-20103 | 2024-10-07 | In wlan firmware, there is a possible out of bounds... |
| CVE-2024-20094 | 2024-10-07 | In Modem, there is a possible system crash due to... |
| CVE-2024-20095 | 2024-10-07 | In m4u, there is a possible out of bounds read... |
| CVE-2024-20096 | 2024-10-07 | In m4u, there is a possible out of bounds read... |
| CVE-2024-20097 | 2024-10-07 | In vdec, there is a possible out of bounds read... |
| CVE-2024-20098 | 2024-10-07 | In power, there is a possible out of bounds write... |
| CVE-2024-20099 | 2024-10-07 | In power, there is a possible out of bounds write... |
| CVE-2024-20102 | 2024-10-07 | In wlan driver, there is a possible out of bounds... |
| CVE-2024-47335 | 2024-10-07 | WordPress Bit Form plugin <= 2.13.11 - SQL Injection vulnerability |
| CVE-2024-47344 | 2024-10-07 | WordPress uListing plugin <= 2.1.5 - Sensitive Data Exposure vulnerability |
| CVE-2024-45153 | 2024-10-07 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-42027 | 2024-10-07 | The E2EE password entropy generated by Rocket.Chat Mobile prior to... |
| CVE-2024-21455 | 2024-10-07 | Untrusted Pointer Dereference in DSP Service |
| CVE-2024-23369 | 2024-10-07 | Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS |
| CVE-2024-23370 | 2024-10-07 | Use After Free in Automotive Multimedia |
| CVE-2024-23374 | 2024-10-07 | Stack-based Buffer Overflow in Power Management IC |
| CVE-2024-23375 | 2024-10-07 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in RIL |
| CVE-2024-23376 | 2024-10-07 | Use After Free in ComputerVision |
| CVE-2024-23378 | 2024-10-07 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio |
| CVE-2024-23379 | 2024-10-07 | Double Free in DSP Services |
| CVE-2024-33049 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-33064 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-33065 | 2024-10-07 | Improper Input Validation in Camera |
| CVE-2024-33066 | 2024-10-07 | Improper Input Validation in WLAN Resource Manager |
| CVE-2024-33069 | 2024-10-07 | Use After Free in WLAN Host |
| CVE-2024-33070 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-33071 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-33073 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-38397 | 2024-10-07 | Buffer Over-read in WLAN Host Communication |
| CVE-2024-38399 | 2024-10-07 | Use After Free in Graphics |
| CVE-2024-38425 | 2024-10-07 | Improper Authorization in Performance |
| CVE-2024-43047 | 2024-10-07 | Use After Free in DSP Service |
| CVE-2024-9566 | 2024-10-07 | D-Link DIR-619L B1 formDeviceReboot buffer overflow |
| CVE-2024-9567 | 2024-10-07 | D-Link DIR-619L B1 formAdvFirewall buffer overflow |
| CVE-2024-9576 | 2024-10-07 | Improper access control in Linux Workbooth Distro |
| CVE-2024-9568 | 2024-10-07 | D-Link DIR-619L B1 formAdvNetwork buffer overflow |
| CVE-2024-9571 | 2024-10-07 | Cross-Site Scripting vulnerability in SOPlanning |
| CVE-2024-9572 | 2024-10-07 | Cross-Site Scripting vulnerability in SOPlanning |
| CVE-2024-9573 | 2024-10-07 | SQL Injection vulnerability in SOPlanning |
| CVE-2024-9574 | 2024-10-07 | SQL Injection vulnerability in SOPlanning |
| CVE-2024-9569 | 2024-10-07 | D-Link DIR-619L B1 formEasySetPassword buffer overflow |
| CVE-2023-6361 | 2024-10-07 | A vulnerability has been discovered in Winhex affecting version 16.1... |
| CVE-2023-6362 | 2024-10-07 | A vulnerability has been discovered in Winhex affecting version 16.1... |
| CVE-2024-9570 | 2024-10-07 | D-Link DIR-619L B1 formEasySetTimezone buffer overflow |
| CVE-2024-27458 | 2024-10-07 | HP Hotkey Support – Escalation of Privilege |
| CVE-2024-47555 | 2024-10-07 | Missing Authentication - User & System Configuration |
| CVE-2024-47556 | 2024-10-07 | Pre-Auth RCE via Path Traversal |
| CVE-2024-47557 | 2024-10-07 | Pre-Auth RCE via Path Traversal |
| CVE-2024-47558 | 2024-10-07 | Authenticated RCE via Path Traversal |
| CVE-2024-47559 | 2024-10-07 | Authenticated RCE via Path Traversal |
| CVE-2024-47975 | 2024-10-07 | Improper access control validation in firmware of some Solidigm DC... |
| CVE-2024-47976 | 2024-10-07 | Improper access removal handling in firmware of some Solidigm DC... |
| CVE-2024-47971 | 2024-10-07 | Improper error handling in firmware of some SSD DC Products... |
| CVE-2024-47972 | 2024-10-07 | Improper resource management in firmware of some Solidigm DC Products... |
| CVE-2024-31227 | 2024-10-07 | Denial-of-service due to malformed ACL selectors in Redis |
| CVE-2024-31228 | 2024-10-07 | Denial-of-service due to unbounded pattern matching in Redis |
| CVE-2024-31449 | 2024-10-07 | Lua library commands may lead to stack overflow and RCE in Redis |
| CVE-2024-47079 | 2024-10-07 | Unauthorized usage of remote hardware module because of missing channel verification |
| CVE-2024-45293 | 2024-10-07 | XML External Entity Reference (XXE) in PHPSpreadsheet's XLSX reader |