CVE List - 2024 / November
Showing 4001 - 4054 of 4054 CVEs for November 2024 (Page 41 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-9044 | 2024-11-29 | XML External Entity (XXE) Vulnerability in EasyTax |
| CVE-2024-11013 | 2024-11-29 | Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2... |
| CVE-2024-11014 | 2024-11-29 | Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX... |
| CVE-2024-50357 | 2024-11-29 | FutureNet NXR series routers provided by Century Systems Co., Ltd.... |
| CVE-2024-47094 | 2024-11-29 | Logging of sitesecret to automations log |
| CVE-2024-11990 | 2024-11-29 | Cross-Site Scripting (XSS) en SurgeMail de NetWin |
| CVE-2024-11992 | 2024-11-29 | Path traversal vulnerability in Quick.CMS |
| CVE-2024-49803 | 2024-11-29 | IBM Security Verify Access Appliance command execution |
| CVE-2024-49805 | 2024-11-29 | IBM Security Verify Access Appliance hard coded credentials |
| CVE-2024-49806 | 2024-11-29 | IBM Security Verify Access Appliance hard coded credentials |
| CVE-2024-49804 | 2024-11-29 | IBM Security Verify Access Appliance privilege escalation |
| CVE-2024-49360 | 2024-11-29 | Path traversal in Sandboxie |
| CVE-2024-52003 | 2024-11-29 | X-Forwarded-Prefix Header still allows for Open Redirect in traefik |
| CVE-2024-52800 | 2024-11-29 | Potential XXE (XML External Entity Injection) vulnerability in veraPDF CLI |
| CVE-2024-52801 | 2024-11-29 | Brute force takeover of OpenID Connect session cookies in sftpgo |
| CVE-2024-52809 | 2024-11-29 | Cross-site Scripting vulnerability with prototype pollution in vue-i18n |
| CVE-2024-52810 | 2024-11-29 | Prototype Pollution in @intlify/shared >=9.7.0 <= 10.0.4 |
| CVE-2024-53848 | 2024-11-29 | check-jsonschema default caching for remote schemas allows for cache confusion |
| CVE-2024-53861 | 2024-11-29 | Issuer field partial matches allowed in pyjwt |
| CVE-2024-53864 | 2024-11-29 | Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui |
| CVE-2024-53865 | 2024-11-29 | Python package "zhmcclient" has passwords in clear text in its HMC and API logs |
| CVE-2024-53979 | 2024-11-29 | Ansible collection "ibm.ibm_zhmc" has passwords in clear text in log file and in output of some modules when specified as input |
| CVE-2024-53983 | 2024-11-29 | Server-side request forgery in Backstage Scaffolder plugin |
| CVE-2024-53980 | 2024-11-29 | Spoofed length byte traps CC2538 in endless loop |
| CVE-2024-11995 | 2024-11-29 | code-projects Farmacia pagamento.php cross site scripting |
| CVE-2024-43702 | 2024-11-30 | GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages |
| CVE-2024-43703 | 2024-11-30 | GPU DDK - Duplicate calls to RGXCreateFreeList on the same reservation leads to GPU UAF |
| CVE-2024-11252 | 2024-11-30 | Social Sharing Plugin – Sassy Social Share <= 3.3.69 - Reflected Cross-Site Scripting via heateor_mastodon_share Parameter |
| CVE-2024-11996 | 2024-11-30 | code-projects Farmacia editar-fornecedor.php cross site scripting |
| CVE-2024-11997 | 2024-11-30 | code-projects Farmacia vendas.php cross site scripting |
| CVE-2024-11998 | 2024-11-30 | code-projects Farmacia visualizer-forneccedor.chp sql injection |
| CVE-2024-12000 | 2024-11-30 | code-projects Blood Bank System Setting updatesettings.php cross site scripting |
| CVE-2024-12001 | 2024-11-30 | code-projects Wazifa System Setting updatesettings.php cross site scripting |
| CVE-2024-12002 | 2024-11-30 | Tenda FH451/FH1201/FH1202/FH1206 GetIPTV websReadEvent null pointer dereference |
| CVE-2024-53738 | 2024-11-30 | WordPress Asset CleanUp: Page Speed Booster plugin <=1.3.9.8 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-53739 | 2024-11-30 | WordPress Cryptocurrency Widgets For Elementor plugin <= 1.6.4 - Local File Inclusion vulnerability |
| CVE-2024-53768 | 2024-11-30 | WordPress Content Audit Exporter plugin <= 1.1 - Sensitive Data Exposure vulnerability |
| CVE-2024-53783 | 2024-11-30 | WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - SQL Injection vulnerability |
| CVE-2024-53788 | 2024-11-30 | WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53787 | 2024-11-30 | WordPress Random Banner plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53786 | 2024-11-30 | WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53778 | 2024-11-30 | WordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53774 | 2024-11-30 | WordPress Sparkle Elementor Kit plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53773 | 2024-11-30 | WordPress Znajdź Pracę z Praca.pl plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53772 | 2024-11-30 | WordPress Mail Picker plugin <= 1.0.14 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53771 | 2024-11-30 | WordPress SimpleSchema plugin <= 1.7.6.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53767 | 2024-11-30 | WordPress Pixobe Cartography plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53766 | 2024-11-30 | WordPress Devnex Addons For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53764 | 2024-11-30 | WordPress Softtemplates For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53763 | 2024-11-30 | WordPress Best Addons for Elementor plugin <=1.0.5 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53760 | 2024-11-30 | WordPress Capitalize My Title WordPress plugin <= 0.5.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53758 | 2024-11-30 | WordPress WP MathJax plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53757 | 2024-11-30 | WordPress WP Find Your Nearest plugin <= 0.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53756 | 2024-11-30 | WordPress Vertical Carousel plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |