CVE List - 2024 / January
Showing 1001 - 1100 of 2591 CVEs for January 2024 (Page 11 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-4962 | 2024-01-11 | The Video PopUp plugin for WordPress is vulnerable to Stored... |
| CVE-2023-6567 | 2024-01-11 | The LearnPress plugin for WordPress is vulnerable to time-based SQL... |
| CVE-2023-6828 | 2024-01-11 | The Contact Form, Survey & Popup Form Plugin for WordPress... |
| CVE-2023-6878 | 2024-01-11 | The Slick Social Share Buttons plugin for WordPress is vulnerable... |
| CVE-2023-6636 | 2024-01-11 | The Greenshift – animation and page builder blocks plugin for... |
| CVE-2023-6556 | 2024-01-11 | The FOX – Currency Switcher Professional for WooCommerce plugin for... |
| CVE-2023-6934 | 2024-01-11 | The Limit Login Attempts Reloaded plugin for WordPress is vulnerable... |
| CVE-2023-6645 | 2024-01-11 | The Post Grid Combo – 36+ Gutenberg Blocks plugin for... |
| CVE-2023-6583 | 2024-01-11 | The Import and export users and customers plugin for WordPress... |
| CVE-2023-6220 | 2024-01-11 | The Piotnet Forms plugin for WordPress is vulnerable to arbitrary... |
| CVE-2023-6316 | 2024-01-11 | The MW WP Form plugin for WordPress is vulnerable to... |
| CVE-2023-7019 | 2024-01-11 | The LightStart – Maintenance Mode, Coming Soon and Landing Page... |
| CVE-2023-6990 | 2024-01-11 | The Weaver Xtreme theme for WordPress is vulnerable to Stored... |
| CVE-2023-7048 | 2024-01-11 | The My Sticky Bar plugin for WordPress is vulnerable to... |
| CVE-2023-6782 | 2024-01-11 | The AMP for WP – Accelerated Mobile Pages plugin for... |
| CVE-2023-6737 | 2024-01-11 | The Enable Media Replace plugin for WordPress is vulnerable to... |
| CVE-2023-6638 | 2024-01-11 | The GTG Product Feed for Shopping plugin for WordPress is... |
| CVE-2023-6561 | 2024-01-11 | The Featured Image from URL (FIFU) plugin for WordPress is... |
| CVE-2023-6751 | 2024-01-11 | The Hostinger plugin for WordPress is vulnerable to unauthorized plugin... |
| CVE-2023-6598 | 2024-01-11 | The SpeedyCache plugin for WordPress is vulnerable to unauthorized modification... |
| CVE-2023-4246 | 2024-01-11 | The GiveWP plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-5691 | 2024-01-11 | The Chatbot for WordPress plugin for WordPress is vulnerable to... |
| CVE-2023-4247 | 2024-01-11 | The GiveWP plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2023-6875 | 2024-01-11 | The POST SMTP Mailer – Email log, Delivery Failure Notifications... |
| CVE-2023-5504 | 2024-01-11 | The BackWPup plugin for WordPress is vulnerable to Directory Traversal... |
| CVE-2023-6504 | 2024-01-11 | The User Profile Builder – Beautiful User Registration Forms, User... |
| CVE-2023-7070 | 2024-01-11 | The Email Encoder – Protect Email Addresses and Phone Numbers... |
| CVE-2023-7071 | 2024-01-11 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns &... |
| CVE-2023-4960 | 2024-01-11 | The WCFM Marketplace plugin for WordPress is vulnerable to Stored... |
| CVE-2023-6582 | 2024-01-11 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to... |
| CVE-2022-4958 | 2024-01-11 | qkmc-rk redbbs Post cross site scripting |
| CVE-2023-20573 | 2024-01-11 | Debug Exception Delivery in Secure Nested Paging |
| CVE-2023-6244 | 2024-01-11 | The EventON - WordPress Virtual Event Calendar Plugin plugin for... |
| CVE-2023-6242 | 2024-01-11 | The EventON - WordPress Virtual Event Calendar Plugin plugin for... |
| CVE-2023-6938 | 2024-01-11 | The Oxygen Builder plugin for WordPress is vulnerable to Stored... |
| CVE-2023-6554 | 2024-01-11 | Missing authorisation in TCExam |
| CVE-2023-5118 | 2024-01-11 | Stored cross-site scripting vulnerability in Kofax Capture software |
| CVE-2024-0429 | 2024-01-11 | Buffer overflow vulnerability on Hex Workshop |
| CVE-2024-0411 | 2024-01-11 | DeShang DSMall HTTP GET Request install.php access control |
| CVE-2024-0412 | 2024-01-11 | DeShang DSShop HTTP GET Request install.php access control |
| CVE-2024-0413 | 2024-01-11 | DeShang DSKMS install.php access control |
| CVE-2024-0414 | 2024-01-11 | DeShang DSCMS install.php access control |
| CVE-2024-0415 | 2024-01-11 | DeShang DSMall Image URL TaobaoExport.php access control |
| CVE-2024-0416 | 2024-01-11 | DeShang DSMall MemberAuth.php path traversal |
| CVE-2024-22199 | 2024-01-11 | Django Template Engine Vulnerable to XSS |
| CVE-2024-22197 | 2024-01-11 | Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) |
| CVE-2024-0417 | 2024-01-11 | DeShang DSShop MemberAuth.php path traversal |
| CVE-2024-0418 | 2024-01-11 | iSharer and upRedSun File Sharing Wizard GET Request denial of service |
| CVE-2024-0419 | 2024-01-11 | Jasper httpdx HTTP POST Request denial of service |
| CVE-2024-0422 | 2024-01-11 | CodeAstro POS and Inventory Management System New Item Creation Page new_item cross site scripting |
| CVE-2024-22196 | 2024-01-11 | Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) |
| CVE-2024-0423 | 2024-01-11 | CodeAstro Online Food Ordering System dishes.php cross site scripting |
| CVE-2024-0424 | 2024-01-11 | CodeAstro Simple Banking System Create a User Page createuser.php cross site scripting |
| CVE-2024-22198 | 2024-01-11 | Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) |
| CVE-2024-0425 | 2024-01-11 | ForU CMS password recovery |
| CVE-2022-4959 | 2024-01-11 | qkmc-rk redbbs Nickname cross site scripting |
| CVE-2023-7226 | 2024-01-11 | meetyoucrop big-whale Admin Module all.api improper ownership management |
| CVE-2024-0426 | 2024-01-11 | ForU CMS cms_template.php sql injection |
| CVE-2024-20675 | 2024-01-11 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2024-21337 | 2024-01-11 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2024-0443 | 2024-01-11 | Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline. |
| CVE-2024-21982 | 2024-01-11 | CVE-2024-21982 Information Disclosure Vulnerability in ONTAP 9 |
| CVE-2022-48619 | 2024-01-12 | An issue was discovered in drivers/input/input.c in the Linux kernel... |
| CVE-2023-30016 | 2024-01-12 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows... |
| CVE-2023-37117 | 2024-01-12 | A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while... |
| CVE-2023-40362 | 2024-01-12 | An issue was discovered in CentralSquare Click2Gov Building Permit before... |
| CVE-2023-48166 | 2024-01-12 | A directory traversal vulnerability in the SOAP Server integrated in... |
| CVE-2023-50920 | 2024-01-12 | An issue was discovered on GL.iNet devices before version 4.5.0.... |
| CVE-2023-51790 | 2024-01-12 | Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote... |
| CVE-2023-51806 | 2024-01-12 | File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker... |
| CVE-2023-51949 | 2024-01-12 | Verydows v2.0 was discovered to contain a Cross-Site Request Forgery... |
| CVE-2023-51978 | 2024-01-12 | In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image"... |
| CVE-2023-52026 | 2024-01-12 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command... |
| CVE-2023-52339 | 2024-01-12 | In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can... |
| CVE-2024-22493 | 2024-01-12 | A stored XSS vulnerability exists in JFinalcms 5.0.0 via the... |
| CVE-2024-23171 | 2024-01-12 | An issue was discovered in the CampaignEvents extension in MediaWiki... |
| CVE-2024-23174 | 2024-01-12 | An issue was discovered in the PageTriage extension in MediaWiki... |
| CVE-2024-23179 | 2024-01-12 | An issue was discovered in the GlobalBlocking extension in MediaWiki... |
| CVE-2016-20021 | 2024-01-12 | In Gentoo Portage before 3.0.47, there is missing PGP validation... |
| CVE-2022-48620 | 2024-01-12 | uev (aka libuev) before 2.4.1 has a buffer overflow in... |
| CVE-2023-30014 | 2024-01-12 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows... |
| CVE-2023-30015 | 2024-01-12 | SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows... |
| CVE-2023-48909 | 2024-01-12 | An issue was discovered in Jave2 version 3.3.1, allows attackers... |
| CVE-2023-50919 | 2024-01-12 | An issue was discovered on GL.iNet devices before version 4.5.0.... |
| CVE-2024-22492 | 2024-01-12 | A stored XSS vulnerability exists in JFinalcms 5.0.0 via the... |
| CVE-2024-22494 | 2024-01-12 | A stored XSS vulnerability exists in JFinalcms 5.0.0 via the... |
| CVE-2024-23172 | 2024-01-12 | An issue was discovered in the CheckUser extension in MediaWiki... |
| CVE-2024-23173 | 2024-01-12 | An issue was discovered in the Cargo extension in MediaWiki... |
| CVE-2024-23177 | 2024-01-12 | An issue was discovered in the WatchAnalytics extension in MediaWiki... |
| CVE-2024-23178 | 2024-01-12 | An issue was discovered in the Phonos extension in MediaWiki... |
| CVE-2024-23301 | 2024-01-12 | Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when... |
| CVE-2023-36842 | 2024-01-12 | Junos OS: jdhcpd will hang on receiving a specific DHCP packet |
| CVE-2024-21585 | 2024-01-12 | Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash |
| CVE-2024-21587 | 2024-01-12 | Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled |
| CVE-2024-21589 | 2024-01-12 | Paragon Active Assurance Control Center: Information disclosure vulnerability |
| CVE-2024-21591 | 2024-01-12 | Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution |
| CVE-2024-21594 | 2024-01-12 | Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash |
| CVE-2024-21595 | 2024-01-12 | Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang |
| CVE-2024-21596 | 2024-01-12 | Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices |
| CVE-2024-21597 | 2024-01-12 | Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters |