CVE List - 2024 / November
Showing 1201 - 1300 of 4054 CVEs for November 2024 (Page 13 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-51026 | 2024-11-11 | The NetAdmin IAM system (version 4.0.30319) has a Cross Site... |
| CVE-2024-51054 | 2024-11-11 | A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php... |
| CVE-2024-51135 | 2024-11-11 | An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory... |
| CVE-2024-51186 | 2024-11-11 | D-Link DIR-820L 1.05b03 was discovered to contain a remote code... |
| CVE-2024-51187 | 2024-11-11 | TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain... |
| CVE-2024-51188 | 2024-11-11 | TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain... |
| CVE-2024-51189 | 2024-11-11 | TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain... |
| CVE-2024-51190 | 2024-11-11 | TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain... |
| CVE-2024-51213 | 2024-11-11 | Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows... |
| CVE-2024-52530 | 2024-11-11 | GNOME libsoup before 3.6.0 allows HTTP request smuggling in some... |
| CVE-2024-52532 | 2024-11-11 | GNOME libsoup before 3.6.1 has an infinite loop, and memory... |
| CVE-2024-52533 | 2024-11-11 | gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error... |
| CVE-2024-52531 | 2024-11-11 | GNOME libsoup before 3.6.1 allows a buffer overflow in applications... |
| CVE-2024-11060 | 2024-11-11 | Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection |
| CVE-2024-11061 | 2024-11-11 | Tenda AC10 fast_setting_wifi_set FUN_0044db3c stack-based overflow |
| CVE-2024-38826 | 2024-11-11 | CVE-2024-38826 Cloud Controller Denial of Service Attack |
| CVE-2024-51575 | 2024-11-11 | WordPress Extender All In One For Elementor plugin <= 1.0.3 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51574 | 2024-11-11 | WordPress Simple Goods plugin <= 0.1.3 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51573 | 2024-11-11 | WordPress ML Responsive Audio plugin <= 0.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51572 | 2024-11-11 | WordPress LH QR Codes plugin <= 1.06 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51571 | 2024-11-11 | WordPress MasterBip para Elementor plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51793 | 2024-11-11 | WordPress RepairBuddy plugin <= 3.8115 - Arbitrary File Upload vulnerability |
| CVE-2024-51792 | 2024-11-11 | WordPress Audio Record plugin <= 1.0 - Arbitrary File Upload vulnerability |
| CVE-2024-51791 | 2024-11-11 | WordPress Forms plugin <= 2.8.0 - Arbitrary File Upload vulnerability |
| CVE-2024-51790 | 2024-11-11 | WordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerability |
| CVE-2024-51789 | 2024-11-11 | WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability |
| CVE-2024-51788 | 2024-11-11 | WordPress The Novel Design Store Directory plugin <= 4.3.0 - Arbitrary File Upload vulnerability |
| CVE-2024-51882 | 2024-11-11 | WordPress Gboy Custom Google Map plugin <= 1.2 - SQL Injection vulnerability |
| CVE-2024-51845 | 2024-11-11 | WordPress Share Buttons – Social Media plugin <= 1.0.2 - SQL Injection vulnerability |
| CVE-2024-51843 | 2024-11-11 | WordPress Horsemanager plugin <= 1.3 - SQL Injection vulnerability |
| CVE-2024-51837 | 2024-11-11 | WordPress WP Contest plugin <= 1.0.0 - SQL Injection vulnerability |
| CVE-2024-51820 | 2024-11-11 | WordPress L Squared Hub WP plugin <= 1.0 - SQL Injection vulnerability |
| CVE-2024-52358 | 2024-11-11 | WordPress Responsive Addons for Elementor plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52357 | 2024-11-11 | WordPress LIQUID BLOCKS plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52356 | 2024-11-11 | WordPress The Pack Elementor addons plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52355 | 2024-11-11 | WordPress OSM – OpenStreetMap plugin <= 6.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52354 | 2024-11-11 | WordPress Web Stories Widgets For Elementor plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52353 | 2024-11-11 | WordPress Christian Science Bible Lesson Subjects plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52352 | 2024-11-11 | WordPress Postcasa Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52351 | 2024-11-11 | WordPress BU Slideshow plugin <= 2.3.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52350 | 2024-11-11 | WordPress CRM 2go plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-11016 | 2024-11-11 | Grand Vice info Webopac - SQL Injection |
| CVE-2024-11017 | 2024-11-11 | Grand Vice info Webopac - Arbitrary File Upload |
| CVE-2024-11018 | 2024-11-11 | Grand Vice info Webopac - Arbitrary File Upload |
| CVE-2024-11019 | 2024-11-11 | Grand Vice info Webopac7 - Reflected XSS |
| CVE-2024-11020 | 2024-11-11 | Grand Vice info Webopac7 - SQL Injection |
| CVE-2024-11021 | 2024-11-11 | Grand Vice info Webopac - Stored XSS |
| CVE-2024-11062 | 2024-11-11 | D-Link DSL6740C - OS Command Injection |
| CVE-2024-11063 | 2024-11-11 | D-Link DSL6740C - OS Command Injection |
| CVE-2024-11064 | 2024-11-11 | D-Link DSL6740C - OS Command Injection |
| CVE-2024-11065 | 2024-11-11 | D-Link DSL6740C - OS Command Injection |
| CVE-2024-11066 | 2024-11-11 | D-Link DSL6740C - OS Command Injection |
| CVE-2024-11067 | 2024-11-11 | D-Link DSL6740C - Arbitrary File Reading through Path Traversal |
| CVE-2024-11068 | 2024-11-11 | D-Link DSL6740C - Incorrect Use of Privileged APIs |
| CVE-2024-43427 | 2024-11-11 | Moodle: admin presets export tool includes some secrets that should not be exported |
| CVE-2024-43429 | 2024-11-11 | Moodle: user information visibility control issues in gradebook reports |
| CVE-2024-43430 | 2024-11-11 | Moodle: lack of access control when using external methods for quiz overrides |
| CVE-2024-43432 | 2024-11-11 | Moodle: authorization headers preserved between "emulated redirects" |
| CVE-2024-43433 | 2024-11-11 | Moodle: matrix user/power level management not always working as expected with suspended users |
| CVE-2024-43435 | 2024-11-11 | Moodle: can create global glossary without being admin |
| CVE-2024-43437 | 2024-11-11 | Moodle: xss risk when restoring malicious course backup file |
| CVE-2024-34014 | 2024-11-11 | Arbitrary file overwrite during recovery due to improper symbolic link... |
| CVE-2024-34015 | 2024-11-11 | Sensitive information disclosure during file browsing due to improper symbolic... |
| CVE-2024-10345 | 2024-11-11 | Unauthenticated Denial of Service via Shutdown Function |
| CVE-2024-50263 | 2024-11-11 | fork: only invoke khugepaged, ksm hooks if no error |
| CVE-2024-10344 | 2024-11-11 | Unauthenticated Denial of Service via Refuse Function |
| CVE-2024-10314 | 2024-11-11 | Unauthenticated Denial of Service via Auto Generation Function |
| CVE-2024-11070 | 2024-11-11 | Sanluan PublicCMS Tag Type save cross site scripting |
| CVE-2024-47131 | 2024-11-11 | Delta Electronics DIAScreen Stack-based Buffer Overflow |
| CVE-2024-39605 | 2024-11-11 | Delta Electronics DIAScreen Stack-based Buffer Overflow |
| CVE-2024-39354 | 2024-11-11 | Delta Electronics DIAScreen Stack-based Buffer Overflow |
| CVE-2024-43439 | 2024-11-11 | Moodle: reflected xss via h5p error message |
| CVE-2024-45088 | 2024-11-11 | IBM Maximo Asset Management cross-site scripting |
| CVE-2024-10917 | 2024-11-11 | Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength |
| CVE-2024-11073 | 2024-11-11 | SourceCodester Hospital Management System delete-account.php improper authorization |
| CVE-2024-45087 | 2024-11-11 | IBM WebSphere Application Server cross-site scripting |
| CVE-2024-11074 | 2024-11-11 | itsourcecode Tailoring Management System incadd.php sql injection |
| CVE-2024-11076 | 2024-11-11 | code-projects Job Recruitment activation.php sql injection |
| CVE-2024-11077 | 2024-11-11 | code-projects Job Recruitment index.php sql injection |
| CVE-2024-52288 | 2024-11-11 | RMAC revert to the beginning of the session in libosdp |
| CVE-2024-10315 | 2024-11-11 | Insecure Configuration in Gliffy Online |
| CVE-2024-52286 | 2024-11-11 | Self Cross Site Scripting (XSS) In Merge Functionality in Stirling-PDF |
| CVE-2024-51992 | 2024-11-11 | Method Exposure Vulnerability in Modals in orchid/platform |
| CVE-2024-51748 | 2024-11-11 | Remote code execution through language setting in kanboard |
| CVE-2024-51747 | 2024-11-11 | Arbitrary File Read and Delete in kanboard |
| CVE-2024-11078 | 2024-11-11 | code-projects Job Recruitment register.php cross site scripting |
| CVE-2024-51490 | 2024-11-11 | Stored Cross-Site Scripting in Ampache |
| CVE-2024-51489 | 2024-11-11 | Insufficient Message Token Validation in Ampache |
| CVE-2024-51488 | 2024-11-11 | Insufficient Validation in Delete Message in Ampache |
| CVE-2024-51487 | 2024-11-11 | Insufficient Validation in Catalog (Activation/Deactivation) in Ampache |
| CVE-2024-51486 | 2024-11-11 | Stored Cross-Site Scripting in Ampache |
| CVE-2024-51485 | 2024-11-11 | Insufficient Validation in Plugins (Activation/Deactivation) in Ampache |
| CVE-2024-51484 | 2024-11-11 | Insufficient Validation in Controllers (Activation/Deactivation) in Ampache |
| CVE-2024-23983 | 2024-11-11 | Access rules for PingAccess may be circumvented with URL-encoded characters |
| CVE-2024-11079 | 2024-11-11 | Ansible-core: unsafe tagging bypass via hostvars object in ansible-core |
| CVE-2021-27700 | 2024-11-12 | SOCIFI Socifi Guest wifi as SAAS wifi portal is affected... |
| CVE-2021-27701 | 2024-11-12 | SOCIFI Socifi Guest wifi as SAAS is affected by Cross... |
| CVE-2021-27702 | 2024-11-12 | Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect... |
| CVE-2021-27703 | 2024-11-12 | Sercomm Model Etisalat Model S3- AC2100 is affected by Cross... |
| CVE-2021-27704 | 2024-11-12 | Appspace 6.2.4 is affected by Incorrect Access Control via the... |