CVE List - 2024 / November
Showing 2801 - 2900 of 4054 CVEs for November 2024 (Page 29 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-53085 | 2024-11-19 | tpm: Lock TPM chip in tpm_pm_suspend() first |
| CVE-2024-53086 | 2024-11-19 | drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL |
| CVE-2024-53087 | 2024-11-19 | drm/xe: Fix possible exec queue leak in exec IOCTL |
| CVE-2024-53088 | 2024-11-19 | i40e: fix race condition by adding filter's intermediate sync state |
| CVE-2017-13315 | 2024-11-19 | In writeToParcel and createFromParcel of DcParamObject.java, there is a permission... |
| CVE-2023-21270 | 2024-11-19 | In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for... |
| CVE-2018-9338 | 2024-11-19 | In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of... |
| CVE-2024-50430 | 2024-11-19 | WordPress Beaver Builder plugin <= 2.8.3.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2018-9339 | 2024-11-19 | In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible... |
| CVE-2018-9340 | 2024-11-19 | In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to... |
| CVE-2018-9341 | 2024-11-19 | In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of... |
| CVE-2018-9344 | 2024-11-19 | In several functions of DescramblerImpl.cpp, there is a possible use... |
| CVE-2024-21697 | 2024-11-19 | This High severity RCE (Remote Code Execution) vulnerability was introduced... |
| CVE-2024-51503 | 2024-11-19 | A security agent manual scan command injection vulnerability in the... |
| CVE-2018-9345 | 2024-11-19 | In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure... |
| CVE-2018-9346 | 2024-11-19 | In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure... |
| CVE-2018-9348 | 2024-11-19 | In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow.... |
| CVE-2018-9364 | 2024-11-19 | In the LG LAF component, there is a special command... |
| CVE-2024-11395 | 2024-11-19 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.85... |
| CVE-2018-9366 | 2024-11-19 | In IMSA_Recv_Thread and VT_IMCB_Thread of ImsaClient.cpp and VideoTelephony.c, there is... |
| CVE-2018-9367 | 2024-11-19 | In FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS of Meta_CCAP_Para.cpp, there is a possible out of... |
| CVE-2018-9368 | 2024-11-19 | In mtkscoaudio debugfs there is a possible arbitrary kernel memory... |
| CVE-2018-9369 | 2024-11-19 | In bootloader there is fastboot command allowing user specified kernel... |
| CVE-2018-9370 | 2024-11-19 | In download.c there is a special mode allowing user to... |
| CVE-2018-9371 | 2024-11-19 | In the Mediatek Preloader, there are out of bounds reads... |
| CVE-2018-9372 | 2024-11-19 | In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out of... |
| CVE-2024-37070 | 2024-11-19 | IBM Concert Software information disclosure |
| CVE-2018-9409 | 2024-11-19 | In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of... |
| CVE-2024-45419 | 2024-11-19 | Zoom Apps - Improper Input Validation |
| CVE-2024-52360 | 2024-11-19 | IBM Concert Software SQL injection |
| CVE-2024-45420 | 2024-11-19 | Zoom Apps - Uncontrolled Resource Consumption |
| CVE-2024-52359 | 2024-11-19 | IBM Concert Software improper access controls |
| CVE-2024-45422 | 2024-11-19 | Zoom Apps - Improper Input Validation |
| CVE-2018-9365 | 2024-11-19 | In smp_data_received of smp_l2c.cc, there is a possible out of... |
| CVE-2018-9410 | 2024-11-19 | In analyzeAxes of FontUtils.cpp, there is a possible out of... |
| CVE-2018-9411 | 2024-11-19 | In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write... |
| CVE-2018-9412 | 2024-11-19 | In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion... |
| CVE-2018-9417 | 2024-11-19 | In f_hidg_read and hidg_disable of f_hid.c, there is a possible... |
| CVE-2018-9419 | 2024-11-19 | In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of... |
| CVE-2018-9420 | 2024-11-19 | In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure... |
| CVE-2018-9421 | 2024-11-19 | In writeInplace of Parcel.cpp, there is a possible information leak... |
| CVE-2018-9424 | 2024-11-19 | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of... |
| CVE-2018-9428 | 2024-11-19 | In startDevice of AAudioServiceStreamBase.cpp there is a possible out of... |
| CVE-2018-9432 | 2024-11-19 | In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible... |
| CVE-2024-52595 | 2024-11-19 | HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through |
| CVE-2018-9433 | 2024-11-19 | In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion... |
| CVE-2024-11400 | 2024-11-19 | HUSKY – Products Filter for WooCommerce <= 1.3.6.3 - Reflected Cross-Site Scripting via really_curr_tax Parameter |
| CVE-2023-27609 | 2024-11-19 | WordPress WP Roles at Registration plugin <= 0.23 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-30424 | 2024-11-19 | WordPress Beaver Builder Addons by WPZOOM plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52392 | 2024-11-19 | WordPress W3SPEEDSTER plugin <= 7.25 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-51669 | 2024-11-19 | WordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2018-9440 | 2024-11-19 | In parse of M3UParser.cpp there is a possible resource exhaustion... |
| CVE-2018-9456 | 2024-11-19 | In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of... |
| CVE-2018-9466 | 2024-11-19 | In the xmlSnprintfElementContent function of valid.c, there is a possible... |
| CVE-2024-44306 | 2024-11-19 | A buffer overflow issue was addressed with improved memory handling.... |
| CVE-2024-44307 | 2024-11-19 | A buffer overflow issue was addressed with improved memory handling.... |
| CVE-2024-44308 | 2024-11-19 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-44309 | 2024-11-19 | A cookie management issue was addressed with improved state management.... |
| CVE-2018-9467 | 2024-11-19 | In the getHost() function of UriTest.java, there is the possibility... |
| CVE-2024-29292 | 2024-11-20 | Multiple OS Command Injection vulnerabilities affecting Kasda LinkSmart Router KW6512... |
| CVE-2024-33439 | 2024-11-20 | An issue in Kasda LinkSmart Router KW5515 v1.7 and before... |
| CVE-2024-45510 | 2024-11-20 | An issue was discovered in Zimbra Collaboration (ZCS) through 10.0.... |
| CVE-2024-45511 | 2024-11-20 | An issue was discovered in Zimbra Collaboration (ZCS) through 10.1.... |
| CVE-2024-48530 | 2024-11-20 | An issue in the Instructor Appointment Availability module of eSoft... |
| CVE-2024-48531 | 2024-11-20 | A reflected cross-site scripting (XSS) vulnerability on the Rental Availability... |
| CVE-2024-48533 | 2024-11-20 | A discrepancy between responses for valid and invalid e-mail accounts... |
| CVE-2024-48534 | 2024-11-20 | A reflected cross-site scripting (XSS) vulnerability on the Camp Details... |
| CVE-2024-48535 | 2024-11-20 | A stored cross-site scripting (XSS) vulnerability in eSoft Planner 3.24.08271-USA... |
| CVE-2024-48536 | 2024-11-20 | Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to... |
| CVE-2024-48981 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. During processing... |
| CVE-2024-48982 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. Its hci... |
| CVE-2024-48983 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. During processing... |
| CVE-2024-48984 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. When parsing... |
| CVE-2024-48985 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. During processing... |
| CVE-2024-48986 | 2024-11-20 | An issue was discovered in MBed OS 6.16.0. Its hci... |
| CVE-2024-51151 | 2024-11-20 | D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in... |
| CVE-2024-51209 | 2024-11-20 | Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System... |
| CVE-2024-52701 | 2024-11-20 | A stored cross-site scripting (XSS) vulnerability in the Configuration page... |
| CVE-2024-52702 | 2024-11-20 | A stored cross-site scripting (XSS) vulnerability in the component install\index.php... |
| CVE-2024-52725 | 2024-11-20 | SemCms v4.8 was discovered to contain a SQL injection vulnerability.... |
| CVE-2024-52739 | 2024-11-20 | D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command... |
| CVE-2024-52754 | 2024-11-20 | D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow... |
| CVE-2024-52755 | 2024-11-20 | D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow... |
| CVE-2024-52757 | 2024-11-20 | D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow... |
| CVE-2024-52769 | 2024-11-20 | An arbitrary file upload vulnerability in the component /admin/friendlink_edit of... |
| CVE-2024-52770 | 2024-11-20 | An arbitrary file upload vulnerability in the component /admin/file_manage_control of... |
| CVE-2024-52771 | 2024-11-20 | DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion... |
| CVE-2024-49203 | 2024-11-20 | Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in... |
| CVE-2024-51162 | 2024-11-20 | An issue in Audimex EE versions 15.1.20 and earlier allowing... |
| CVE-2024-51163 | 2024-11-20 | A Local File Inclusion vulnerability in Vegam Solutions Vegam 4i... |
| CVE-2024-51208 | 2024-11-20 | File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking... |
| CVE-2024-52677 | 2024-11-20 | HkCms <= v2.3.2.240702 is vulnerable to file upload in the... |
| CVE-2024-52765 | 2024-11-20 | H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE)... |
| CVE-2024-11278 | 2024-11-20 | GD bbPress Attachments <= 4.7.2 - Reflected Cross-Site Scripting |
| CVE-2024-52614 | 2024-11-20 | Use of hard-coded cryptographic key issue exists in "Kura Sushi... |
| CVE-2024-9653 | 2024-11-20 | Restaurant Menu – Food Ordering System – Table Reservation <= 2.4.2 - Reflected Cross-Site Scripting |
| CVE-2024-10515 | 2024-11-20 | SEO Plugin by Squirrly SEO < 12.3.21 - Editor+ Stored XSS |
| CVE-2024-11277 | 2024-11-20 | 404 Solution <= 2.35.19 - Reflected Cross-Site Scripting |
| CVE-2024-10900 | 2024-11-20 | ProfileGrid – User Profiles, Groups and Communities <= 5.9.3.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion |
| CVE-2024-8726 | 2024-11-20 | MailChimp Forms by MailMunch <= 3.2.3 - Reflected Cross-Site Scripting |