CVE List - 2024 / November
Showing 2401 - 2500 of 4054 CVEs for November 2024 (Page 25 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-52565 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52566 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52567 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52568 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52569 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52570 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52571 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52572 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52573 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2024-52574 | 2024-11-18 | A vulnerability has been identified in Teamcenter Visualization V14.2 (All... |
| CVE-2021-1232 | 2024-11-18 | Cisco SD-WAN vManage Information Disclosure Vulnerability |
| CVE-2021-1285 | 2024-11-18 | Multiple Cisco Products SNORT Ethernet Frame Decoder Denial of Service Vulnerability |
| CVE-2021-1379 | 2024-11-18 | Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities |
| CVE-2021-1132 | 2024-11-18 | Cisco Network Services Orchestrator Path Traversal Vulnerability |
| CVE-2021-1234 | 2024-11-18 | Cisco SD-WAN vManage Information Disclosure Vulnerabilities |
| CVE-2024-0012 | 2024-11-18 | PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) |
| CVE-2024-9474 | 2024-11-18 | PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface |
| CVE-2020-3548 | 2024-11-18 | Cisco Email Security Appliance Denial Of Service Vulnerability |
| CVE-2020-3539 | 2024-11-18 | Cisco Data Center Network Manager Authorization Bypass Vulnerability |
| CVE-2020-3538 | 2024-11-18 | Cisco Data Center Network Manager Path Traversal Vulnerability |
| CVE-2020-3532 | 2024-11-18 | Cisco Unified Communications Products Cross-Site Scripting Vulnerability |
| CVE-2020-3525 | 2024-11-18 | Cisco Identity Services Engine Password Disclosure to an Unauthorized Actor Vulnerability |
| CVE-2020-26074 | 2024-11-18 | Cisco SD-WAN vManage Privilege Escalation Vulnerability |
| CVE-2020-26073 | 2024-11-18 | Cisco SD-WAN vManage Directory Traversal Vulnerability |
| CVE-2024-52424 | 2024-11-18 | WordPress wp-login customizer plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2020-3431 | 2024-11-18 | Cisco Small Business RV Series Routers Cross-Site Scripting Vulnerability |
| CVE-2020-3420 | 2024-11-18 | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability |
| CVE-2020-27124 | 2024-11-18 | Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability |
| CVE-2024-52423 | 2024-11-18 | WordPress Themify Builder plugin <= 7.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2020-26071 | 2024-11-18 | Cisco SD-WAN vEdge Arbitrary File Creation Vulnerability |
| CVE-2024-52422 | 2024-11-18 | WordPress WP Githuber MD plugin <= 1.16.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2020-26063 | 2024-11-18 | Cisco Integrated Management Controller Software Authorization Bypass Vulnerability |
| CVE-2020-26062 | 2024-11-18 | Cisco Integrated Management Controller Username Enumeration Vulnerability |
| CVE-2024-52419 | 2024-11-18 | WordPress Copy Anything to Clipboard plugin <= 4.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2020-26067 | 2024-11-18 | Cisco Webex Teams Web Interface Cross-Site Scripting Vulnerability |
| CVE-2020-26066 | 2024-11-18 | Cisco SD-WAN vManage Software XML External Entity Vulnerability |
| CVE-2024-43416 | 2024-11-18 | GLPI vulnerable to enumeration of users' email addresses by unauthenticated user |
| CVE-2024-10390 | 2024-11-18 | Elfsight Telegram Chat CC <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting |
| CVE-2024-47533 | 2024-11-18 | Cobbler allows anyone to connect to cobbler XML-RPC server with a known password and make changes |
| CVE-2024-47820 | 2024-11-18 | MarkUs vulnerable to Path Traversal |
| CVE-2024-47873 | 2024-11-18 | PhpSpreadsheet XmlScanner bypass leads to XXE |
| CVE-2024-48917 | 2024-11-18 | XXE in PHPSpreadsheet's XLSX reader |
| CVE-2024-51499 | 2024-11-18 | MarkUs Arbitrary File Write leading up to remote code execution (student accounts) |
| CVE-2024-51743 | 2024-11-18 | Arbitrary File Write leading up to remote code execution (instructor accounts) |
| CVE-2024-52303 | 2024-11-18 | aiohttp memory leak when middleware is enabled when requesting a resource with a non-allowed method |
| CVE-2024-52304 | 2024-11-18 | aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions |
| CVE-2024-52506 | 2024-11-18 | Graylog can leak other users' reports via concurrent PDF report rendering |
| CVE-2024-52583 | 2024-11-18 | WesHacks code includes links to Leostop tracking spyware infested files |
| CVE-2024-52584 | 2024-11-18 | Autolab has vulnerable submission endpoints |
| CVE-2024-52585 | 2024-11-18 | Autolab has HTML Injection Vulnerability |
| CVE-2024-52418 | 2024-11-18 | WordPress Gameplan theme <= 1.5.10 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52417 | 2024-11-18 | WordPress ReConstruction theme <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52394 | 2024-11-18 | WordPress Print PDF Generator and Publisher plugin <= 1.1.6 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52390 | 2024-11-18 | WordPress CYAN Backup plugin <= 2.5.3 - Arbitrary File Download vulnerability |
| CVE-2024-52389 | 2024-11-18 | WordPress WP Job Portal plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-10486 | 2024-11-18 | Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File |
| CVE-2024-52349 | 2024-11-18 | WordPress Awesome Tool Tip plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-21287 | 2024-11-18 | Vulnerability in the Oracle Agile PLM Framework product of Oracle... |
| CVE-2024-52348 | 2024-11-18 | WordPress AA Audio Player plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52347 | 2024-11-18 | WordPress Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52346 | 2024-11-18 | WordPress SimpleGMaps plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52345 | 2024-11-18 | WordPress ra_qrcode plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52344 | 2024-11-18 | WordPress Provide Forex Signals plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52343 | 2024-11-18 | WordPress OS Pricing Tables plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52342 | 2024-11-18 | WordPress OS BXSlider plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52341 | 2024-11-18 | WordPress OS Our Team plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52587 | 2024-11-18 | Harden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts` |
| CVE-2024-52340 | 2024-11-18 | WordPress Photographer Connections plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52339 | 2024-11-18 | WordPress Mage Front End Forms plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51940 | 2024-11-18 | WordPress WP Responsive Video plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51939 | 2024-11-18 | WordPress Stylish Internal Links plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-48069 | 2024-11-19 | A vulnerability was found in Weaver E-cology allows attackers use... |
| CVE-2024-48070 | 2024-11-19 | An issue in Weaver E-cology v. attackers construct special requests... |
| CVE-2024-48071 | 2024-11-19 | E-cology has a directory traversal vulnerability. An attacker can exploit... |
| CVE-2024-48072 | 2024-11-19 | Weaver Ecology v9.* was discovered to contain a SQL injection... |
| CVE-2024-48694 | 2024-11-19 | File Upload vulnerability in Xi'an Daxi Information technology OfficeWeb365 v.8.6.1.0... |
| CVE-2024-50803 | 2024-11-19 | The mediapool feature of the Redaxo Core CMS application v... |
| CVE-2024-52675 | 2024-11-19 | SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to... |
| CVE-2024-52711 | 2024-11-19 | DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp... |
| CVE-2024-52714 | 2024-11-19 | Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer... |
| CVE-2024-52759 | 2024-11-19 | D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow... |
| CVE-2024-52762 | 2024-11-19 | A cross-site scripting (XSS) vulnerability in the component /master/header.php of... |
| CVE-2024-52763 | 2024-11-19 | A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of... |
| CVE-2024-52788 | 2024-11-19 | Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password... |
| CVE-2024-52789 | 2024-11-19 | Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded... |
| CVE-2023-52921 | 2024-11-19 | drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() |
| CVE-2024-50264 | 2024-11-19 | vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans |
| CVE-2024-50265 | 2024-11-19 | ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() |
| CVE-2024-50266 | 2024-11-19 | clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs |
| CVE-2024-50267 | 2024-11-19 | USB: serial: io_edgeport: fix use after free in debug printk |
| CVE-2024-50268 | 2024-11-19 | usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() |
| CVE-2024-50269 | 2024-11-19 | usb: musb: sunxi: Fix accessing an released usb phy |
| CVE-2024-50270 | 2024-11-19 | mm/damon/core: avoid overflow in damon_feed_loop_next_input() |
| CVE-2024-50271 | 2024-11-19 | signal: restore the override_rlimit logic |
| CVE-2024-50272 | 2024-11-19 | filemap: Fix bounds checking in filemap_read() |
| CVE-2024-50273 | 2024-11-19 | btrfs: reinitialize delayed ref list after deleting it from the list |
| CVE-2024-50274 | 2024-11-19 | idpf: avoid vport access in idpf_get_link_ksettings |
| CVE-2024-50275 | 2024-11-19 | arm64/sve: Discard stale CPU state when handling SVE traps |
| CVE-2024-50276 | 2024-11-19 | net: vertexcom: mse102x: Fix possible double free of TX skb |
| CVE-2024-50277 | 2024-11-19 | dm: fix a crash if blk_alloc_disk fails |