CVE List - 2024 / November
Showing 1301 - 1400 of 4054 CVEs for November 2024 (Page 14 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-52268 | 2024-11-12 | The End-User Portal module before 1.0.65 for FreeScout sometimes allows... |
| CVE-2024-28726 | 2024-11-12 | An issue in DLink DWR 2000M 5G CPE With Wifi... |
| CVE-2024-28728 | 2024-11-12 | Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE... |
| CVE-2024-28729 | 2024-11-12 | An issue in DLink DWR 2000M 5G CPE With Wifi... |
| CVE-2024-28730 | 2024-11-12 | Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE... |
| CVE-2024-28731 | 2024-11-12 | Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G... |
| CVE-2024-48075 | 2024-11-12 | A Heap buffer overflow in the server-site handshake implementation in... |
| CVE-2024-51093 | 2024-11-12 | Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT - v7.0.13 allows... |
| CVE-2024-51094 | 2024-11-12 | An issue in Snipe-IT v.7.0.13 build 15514 allows a low-privileged... |
| CVE-2024-51179 | 2024-11-12 | An issue in Open 5GS v.2.7.1 allows a remote attacker... |
| CVE-2024-42372 | 2024-11-12 | Missing Authorization check in SAP NetWeaver AS Java (System Landscape Directory) |
| CVE-2024-47586 | 2024-11-12 | NULL Pointer Dereference vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform |
| CVE-2024-47587 | 2024-11-12 | Missing authorization check in SAP Cash Management (Cash Operations) |
| CVE-2024-47588 | 2024-11-12 | Information Disclosure vulnerability in SAP NetWeaver Java (Software Update Manager) |
| CVE-2024-47590 | 2024-11-12 | Cross-Site Scripting (XSS) vulnerability in SAP Web Dispatcher |
| CVE-2024-47592 | 2024-11-12 | Information Disclosure Vulnerability in SAP NetWeaver Application Server Java (Logon Application) |
| CVE-2024-47593 | 2024-11-12 | Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform |
| CVE-2024-47595 | 2024-11-12 | Local Privilege Escalation in SAP Host Agent |
| CVE-2024-11096 | 2024-11-12 | code-projects Task Manager newProject.php sql injection |
| CVE-2024-8881 | 2024-11-12 | A post-authentication command injection vulnerability in the CGI program in... |
| CVE-2024-8882 | 2024-11-12 | A buffer overflow vulnerability in the CGI program in the... |
| CVE-2024-49393 | 2024-11-12 | Mutt: neomutt: to and cc email header fields are not protected by cryptographic signing |
| CVE-2024-11097 | 2024-11-12 | SourceCodester Student Record Management System Main Menu infinite loop |
| CVE-2024-11099 | 2024-11-12 | code-projects Job Recruitment login.php sql injection |
| CVE-2024-49394 | 2024-11-12 | Mutt: neomutt: in-reply-to email header field it not protected by cryptograpic signing |
| CVE-2024-49395 | 2024-11-12 | Mutt: neomutt: bcc email header field is indirectly leaked by cryptographic info block |
| CVE-2024-49560 | 2024-11-12 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s)... |
| CVE-2024-49558 | 2024-11-12 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s)... |
| CVE-2024-10695 | 2024-11-12 | Futurio Extra <= 2.0.13 - Authenticated (Contributor+) Post Disclosure |
| CVE-2024-10672 | 2024-11-12 | Multiple Page Generator Plugin – MPG <= 4.0.2 - Authenticated (Editor+) Directory Traversal to Limited File Deletion |
| CVE-2024-10685 | 2024-11-12 | Contact Form 7 Redirect & Thank You Page <= 1.0.6 - Reflected Cross-Site Scripting |
| CVE-2024-10538 | 2024-11-12 | Happy Addons for Elementor <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison |
| CVE-2024-49557 | 2024-11-12 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s)... |
| CVE-2024-11100 | 2024-11-12 | 1000 Projects Beauty Parlour Management System index.php sql injection |
| CVE-2024-48837 | 2024-11-12 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s)... |
| CVE-2024-48838 | 2024-11-12 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s)... |
| CVE-2024-11101 | 2024-11-12 | 1000 Projects Beauty Parlour Management System search-invoices.php sql injection |
| CVE-2024-11102 | 2024-11-12 | SourceCodester Hospital Management System edit-doc.php cross site scripting |
| CVE-2024-29075 | 2024-11-12 | Active debug code vulnerability exists in Mesh Wi-Fi router RP562B... |
| CVE-2024-45827 | 2024-11-12 | Improper neutralization of special elements used in an OS command... |
| CVE-2024-9357 | 2024-11-12 | xili-tidy-tags <= 1.12.04 - Reflected Cross-Site Scripting |
| CVE-2024-10790 | 2024-11-12 | Admin and Site Enhancements (ASE) <= 7.5.1 - Authenticated Stored Cross-Site Scripting via SVG |
| CVE-2024-47799 | 2024-11-12 | Exposure of sensitive system information to an unauthorized control sphere... |
| CVE-2024-9835 | 2024-11-12 | RSS Feed Widget < 3.0.1 - Reflected XSS |
| CVE-2024-9836 | 2024-11-12 | RSS Feed Widget < 3.0.0 - Contributor+ Stored XSS |
| CVE-2024-10179 | 2024-11-12 | Slickstream: Engagement and Conversions <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slick-grid Shortcode |
| CVE-2024-10323 | 2024-11-12 | JetWidgets For Elementor <= 1.0.18 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload |
| CVE-2024-10245 | 2024-11-12 | Relais 2FA <= 1.0 - Authentication Bypass |
| CVE-2024-11121 | 2024-11-12 | 上海灵当信息科技有限公司 Lingdang CRM index.php sql injection |
| CVE-2024-11122 | 2024-11-12 | 上海灵当信息科技有限公司 Lingdang CRM index.php unrestricted upload |
| CVE-2023-32736 | 2024-11-12 | A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All... |
| CVE-2024-29119 | 2024-11-12 | A vulnerability has been identified in Spectrum Power 7 (All... |
| CVE-2024-36140 | 2024-11-12 | A vulnerability has been identified in OZW672 (All versions <... |
| CVE-2024-44102 | 2024-11-12 | A vulnerability has been identified in PP TeleControl Server Basic... |
| CVE-2024-46888 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-46889 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-46890 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-46891 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-46892 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-46894 | 2024-11-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2024-47783 | 2024-11-12 | A vulnerability has been identified in SIPORT (All versions <... |
| CVE-2024-47808 | 2024-11-12 | A vulnerability has been identified in SINEC NMS (All versions... |
| CVE-2024-47940 | 2024-11-12 | A vulnerability has been identified in Solid Edge SE2024 (All... |
| CVE-2024-47941 | 2024-11-12 | A vulnerability has been identified in Solid Edge SE2024 (All... |
| CVE-2024-47942 | 2024-11-12 | A vulnerability has been identified in Solid Edge SE2024 (All... |
| CVE-2024-50310 | 2024-11-12 | A vulnerability has been identified in SIMATIC CP 1543-1 V4.0... |
| CVE-2024-50313 | 2024-11-12 | A vulnerability has been identified in Mendix Runtime V10 (All... |
| CVE-2024-50557 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-50558 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-50559 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-50560 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-50561 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-50572 | 2024-11-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2024-11123 | 2024-11-12 | 上海灵当信息科技有限公司 Lingdang CRM pdf.php path traversal |
| CVE-2024-11124 | 2024-11-12 | TimGeyssens UIOMatic uioMaticObject.r sql injection |
| CVE-2024-11125 | 2024-11-12 | GetSimpleCMS profile.php cross-site request forgery |
| CVE-2024-11126 | 2024-11-12 | Digistar AG-30 Plus Login Page excessive authentication |
| CVE-2024-50386 | 2024-11-12 | Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure |
| CVE-2024-51562 | 2024-11-12 | bhyve(8) nvme_opc_get_log_page buffer over-read |
| CVE-2024-8074 | 2024-11-12 | Sensetive Data Exposure in Nomysoft Informatics' Nomysem |
| CVE-2024-51563 | 2024-11-12 | bhyve(8) virtio_vq_recordon time-of-check to time-of-use race |
| CVE-2024-51564 | 2024-11-12 | bhyve(8) infinite loop in the hda audio driver |
| CVE-2024-37365 | 2024-11-12 | FactoryTalk View ME Remote Code Execution Vulnerability via Project Save Path |
| CVE-2024-51565 | 2024-11-12 | bhyve(8) hda driver buffer over-read |
| CVE-2024-51566 | 2024-11-12 | bhyve(8) NVMe driver to guest-induced infinite loops. |
| CVE-2024-11127 | 2024-11-12 | code-projects Job Recruitment admin.php sql injection |
| CVE-2024-11130 | 2024-11-12 | ZZCMS msg.php cross site scripting |
| CVE-2024-42442 | 2024-11-12 | Runtime Service Access outside SMRAM |
| CVE-2024-33660 | 2024-11-12 | Potential Firmware update without integrity check |
| CVE-2024-33658 | 2024-11-12 | Buffer Overflow Vulnerability In OFBD |
| CVE-2024-2315 | 2024-11-12 | SMM arbitrary code execution in Overclock |
| CVE-2024-39281 | 2024-11-12 | Unbounded allocation in ctl(4) CAM Target Layer |
| CVE-2024-45289 | 2024-11-12 | Unbounded allocation in ctl(4) CAM Target Layer |
| CVE-2024-50317 | 2024-11-12 | A null pointer dereference in Ivanti Avalanche before 6.4.6 allows... |
| CVE-2024-50318 | 2024-11-12 | A null pointer dereference in Ivanti Avalanche before 6.4.6 allows... |
| CVE-2024-50319 | 2024-11-12 | An infinite loop in Ivanti Avalanche before 6.4.6 allows a... |
| CVE-2024-50320 | 2024-11-12 | An infinite loop in Ivanti Avalanche before 6.4.6 allows a... |
| CVE-2024-50321 | 2024-11-12 | An infinite loop in Ivanti Avalanche before 6.4.6 allows a... |
| CVE-2024-50331 | 2024-11-12 | An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 allows... |
| CVE-2024-50322 | 2024-11-12 | Path traversal in Ivanti Endpoint Manager before 2024 November Security... |