CVE List - 2024 / December
Showing 1301 - 1400 of 3433 CVEs for December 2024 (Page 14 of 35)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-43721 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43746 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52834 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52992 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52840 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52824 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52858 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52823 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52827 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52852 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52859 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52849 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43725 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52835 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52825 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52832 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52818 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52864 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43750 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52830 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52831 | 2024-12-10 | Adobe Experience Manager | Improper Input Validation (CWE-20) |
| CVE-2024-43740 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43723 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52828 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43724 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43712 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43737 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43743 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43745 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2024-52855 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43730 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52822 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52850 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43752 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52839 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43720 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52846 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43718 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43742 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43726 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52826 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52816 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52861 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43732 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52817 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43719 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43748 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43738 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52862 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52838 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43727 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52860 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52836 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-43717 | 2024-12-10 | Adobe Experience Manager | Improper Access Control (CWE-284) |
| CVE-2024-43715 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-43713 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) |
| CVE-2024-52848 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-52865 | 2024-12-10 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2024-54133 | 2024-12-10 | Possible Content Security Policy bypass in Action Dispatch |
| CVE-2024-55653 | 2024-12-10 | pwndoc's UnhandledPromiseRejection on audits causes Denial of Service (DoS) |
| CVE-2024-55655 | 2024-12-10 | sigstore-python has insufficient validation of integration timestamp during verification |
| CVE-2024-55587 | 2024-12-11 | python-libarchive through 4.2.1 allows directory traversal (to create files) in... |
| CVE-2024-55884 | 2024-12-11 | In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and... |
| CVE-2024-35117 | 2024-12-11 | IBM OpenPages with Watson information disclosure |
| CVE-2023-37395 | 2024-12-11 | IBM Aspera Faspex information disclosure |
| CVE-2024-52537 | 2024-12-11 | Dell Client Platform Firmware Update Utility contains an Improper Link... |
| CVE-2024-11053 | 2024-12-11 | netrc and redirect credential leak |
| CVE-2024-53290 | 2024-12-11 | Dell ThinOS version 2408 contains an Improper Neutralization of Special... |
| CVE-2024-53289 | 2024-12-11 | Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race... |
| CVE-2024-53292 | 2024-12-11 | Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password... |
| CVE-2024-12004 | 2024-12-11 | WPC Order Notes for WooCommerce <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting |
| CVE-2024-12283 | 2024-12-11 | WP Pipes <= 1.4.1 - Reflected Cross-Site Scripting via x1 Parameter |
| CVE-2024-10511 | 2024-12-11 | CWE-287: Improper Authentication vulnerability exists that could cause Denial of... |
| CVE-2024-12363 | 2024-12-11 | Insufficient permissions in the TeamViewer Patch & Asset Management component |
| CVE-2024-54269 | 2024-12-11 | WordPress Notibar plugin <= 2.1.4 - Broken Access Control vulnerability |
| CVE-2024-11737 | 2024-12-11 | CWE-20: Improper Input Validation vulnerability exists that could lead to... |
| CVE-2024-11401 | 2024-12-11 | Rapid7 Insight Platform Privilege Escalation Vulnerability |
| CVE-2024-11008 | 2024-12-11 | Members <= 3.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure |
| CVE-2024-11840 | 2024-12-11 | RapidLoad – Optimize Web Vitals Automatically <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification and SQL Injection |
| CVE-2024-12294 | 2024-12-11 | Last Viewed Posts by WPBeginner <= 1.0.1 - Unauthenticated Sensitive Information Exposure |
| CVE-2024-12325 | 2024-12-11 | Waymark <= 1.4.1 - Reflected Cross-Site Scripting via 'content' |
| CVE-2023-23472 | 2024-12-11 | IBM InfoSphere Information Server information disclosure |
| CVE-2024-51460 | 2024-12-11 | IBM InfoSphere Information Server information disclosure |
| CVE-2024-11351 | 2024-12-11 | Restrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure |
| CVE-2024-50585 | 2024-12-11 | Reflected Cross-Site Scripting |
| CVE-2024-53677 | 2024-12-11 | Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks |
| CVE-2024-28139 | 2024-12-11 | Privilege escalation through sudo misconfiguration |
| CVE-2024-28140 | 2024-12-11 | Violation of Least Privilege Principle |
| CVE-2024-47758 | 2024-12-11 | GLPI vulnerable to account takeover without privilege escalation through the API |
| CVE-2024-28141 | 2024-12-11 | Cross-Site Request-Forgery |
| CVE-2024-10251 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Security Controls before... |
| CVE-2024-9845 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Automation before version... |
| CVE-2024-8496 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Workspace Control before... |
| CVE-2024-11597 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Performance Manager before... |
| CVE-2024-11598 | 2024-12-11 | Under specific circumstances, insecure permissions in Ivanti Application Control before... |
| CVE-2024-47760 | 2024-12-11 | GLPI vulnerable to account takeover via API |
| CVE-2024-47761 | 2024-12-11 | GLPI vulnerable to account takeover via the password reset feature |
| CVE-2024-48912 | 2024-12-11 | GLPI vulnerable to authenticated insecure account deletion |
| CVE-2024-50339 | 2024-12-11 | GLPI vulnerable to unauthenticated session hijacking |
| CVE-2024-12381 | 2024-12-11 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.139... |