CVE List - 2024 / January
Showing 1101 - 1200 of 2591 CVEs for January 2024 (Page 12 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-21599 | 2024-01-12 | Junos OS: MX Series: MPC3E memory leak with PTP configuration |
| CVE-2024-21600 | 2024-01-12 | Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition |
| CVE-2024-21601 | 2024-01-12 | Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash |
| CVE-2024-21602 | 2024-01-12 | Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE |
| CVE-2024-21603 | 2024-01-12 | Junos OS: MX Series: Gathering statistics in a scaled SCU/DCU configuration will lead to a device crash |
| CVE-2024-21604 | 2024-01-12 | Junos OS Evolved: A high rate of specific traffic will cause a complete system outage |
| CVE-2024-21606 | 2024-01-12 | Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash |
| CVE-2024-21607 | 2024-01-12 | Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected |
| CVE-2024-21611 | 2024-01-12 | Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash |
| CVE-2024-21612 | 2024-01-12 | Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE |
| CVE-2024-21613 | 2024-01-12 | Junos OS and Junos OS Evolved: A link flap causes patroot memory leak which leads to rpd crash |
| CVE-2024-21614 | 2024-01-12 | Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash |
| CVE-2024-21616 | 2024-01-12 | Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail |
| CVE-2024-21617 | 2024-01-12 | Junos OS: BGP flap on NSR-enabled devices causes memory leak |
| CVE-2023-40250 | 2024-01-12 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')... |
| CVE-2023-6040 | 2024-01-12 | An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family) |
| CVE-2024-0454 | 2024-01-12 | Security Vulnerability on Match-on-Chip FPR Architecture |
| CVE-2022-4960 | 2024-01-12 | cloudfavorites favorites-web Nickname cross site scripting |
| CVE-2022-4961 | 2024-01-12 | Weitong Mall OrderDao.xml sql injection |
| CVE-2024-22027 | 2024-01-12 | Improper input validation vulnerability in WordPress Quiz Maker Plugin prior... |
| CVE-2023-34061 | 2024-01-12 | CVE-2023-34061 – Gorouter route pruning |
| CVE-2023-31211 | 2024-01-12 | Disabled automation users could still authenticate |
| CVE-2023-6735 | 2024-01-12 | Privilege escalation in mk_tsm |
| CVE-2023-6740 | 2024-01-12 | Privilege escalation in jar_signature |
| CVE-2023-49568 | 2024-01-12 | Maliciously crafted Git server replies can cause DoS on go-git clients |
| CVE-2023-49569 | 2024-01-12 | Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients |
| CVE-2023-0437 | 2024-01-12 | MongoDB client C Driver may infinitely loop when validating certain BSON input data |
| CVE-2023-6955 | 2024-01-12 | Missing Authorization in GitLab |
| CVE-2023-7028 | 2024-01-12 | Weak Password Recovery Mechanism for Forgotten Password in GitLab |
| CVE-2023-5356 | 2024-01-12 | Incorrect Authorization in GitLab |
| CVE-2023-4812 | 2024-01-12 | Incorrect Authorization in GitLab |
| CVE-2023-2030 | 2024-01-12 | Improper Verification of Cryptographic Signature in GitLab |
| CVE-2023-49253 | 2024-01-12 | Predefined root password |
| CVE-2023-49254 | 2024-01-12 | Command injection in the network test tools |
| CVE-2023-49255 | 2024-01-12 | Router console accessible without authentication |
| CVE-2023-49256 | 2024-01-12 | Predictable encryption passphrase used in publicly accessible configuration file |
| CVE-2023-49257 | 2024-01-12 | Command execution using the certificate upload utility |
| CVE-2023-49258 | 2024-01-12 | Reflected cross-site scripting vulnerability |
| CVE-2023-49259 | 2024-01-12 | Bruteforcing authentication cookie for a given user |
| CVE-2023-49260 | 2024-01-12 | Stored cross-site scripting vulnerability |
| CVE-2023-49261 | 2024-01-12 | Sensitive authentication-related value accessible publicly |
| CVE-2023-49262 | 2024-01-12 | Buffer overflow vulnerability in Cookie authentication field |
| CVE-2024-0459 | 2024-01-12 | Blood Bank & Donor Management request-received-bydonar.php sql injection |
| CVE-2024-0460 | 2024-01-12 | code-projects Faculty Management System student-print.php sql injection |
| CVE-2023-28897 | 2024-01-12 | Hard-coded password for UDS services |
| CVE-2023-28898 | 2024-01-12 | Head Unit Denial-of-Service via Apple CarPlay service |
| CVE-2023-28899 | 2024-01-12 | Denial of Service via ECU reset service |
| CVE-2024-0461 | 2024-01-12 | code-projects Online Faculty Clearance HTTP POST Request deactivate.php sql injection |
| CVE-2023-46805 | 2024-01-12 | An authentication bypass vulnerability in the web component of Ivanti... |
| CVE-2024-21887 | 2024-01-12 | A command injection vulnerability in web components of Ivanti Connect... |
| CVE-2023-31036 | 2024-01-12 | CVE |
| CVE-2024-0462 | 2024-01-12 | code-projects Online Faculty Clearance HTTP POST Request designee_view_status.php sql injection |
| CVE-2024-0463 | 2024-01-12 | code-projects Online Faculty Clearance HTTP POST Request admin_view_info.php sql injection |
| CVE-2024-0464 | 2024-01-12 | code-projects Online Faculty Clearance HTTP GET Request delete_faculty.php sql injection |
| CVE-2023-31029 | 2024-01-12 | CVE |
| CVE-2023-31030 | 2024-01-12 | CVE |
| CVE-2023-31024 | 2024-01-12 | CVE |
| CVE-2023-31032 | 2024-01-12 | CVE |
| CVE-2023-31035 | 2024-01-12 | CVE |
| CVE-2023-31033 | 2024-01-12 | CVE |
| CVE-2023-31034 | 2024-01-12 | CVE |
| CVE-2023-31025 | 2024-01-12 | CVE |
| CVE-2023-31031 | 2024-01-12 | CVE |
| CVE-2024-0465 | 2024-01-12 | code-projects Employee Profile Management System download.php path traversal |
| CVE-2024-0466 | 2024-01-12 | code-projects Employee Profile Management System file_table.php sql injection |
| CVE-2023-6683 | 2024-01-12 | Qemu: vnc: null pointer dereference in qemu_clipboard_request() |
| CVE-2010-10011 | 2024-01-12 | Acritum Femitter Server path traversal |
| CVE-2024-0467 | 2024-01-12 | code-projects Employee Profile Management System edit_position_query.php cross site scripting |
| CVE-2024-22206 | 2024-01-12 | @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR) |
| CVE-2023-51698 | 2024-01-12 | Atril's CBT comic book parsing vulnerable to Remote Code Execution |
| CVE-2024-0468 | 2024-01-12 | code-projects Fighting Cock Information System new-father.php unrestricted upload |
| CVE-2024-0469 | 2024-01-12 | code-projects Human Resource Integrated System update_personal_info.php sql injection |
| CVE-2023-48297 | 2024-01-12 | Discourse vulnerable to unlimited mentioned users in message serializer |
| CVE-2023-49098 | 2024-01-12 | Reaction data for user notifications exposed in Discourse-reactions |
| CVE-2024-21655 | 2024-01-12 | Insufficient control of custom field value sizes |
| CVE-2023-49099 | 2024-01-12 | Discourse secure uploads accessible to guests even when login is required |
| CVE-2023-42463 | 2024-01-12 | wazuh-logcollector integer underflow local privilege escalation |
| CVE-2024-21654 | 2024-01-12 | rubygems.org MFA Bypass through password reset function could allow account takeover |
| CVE-2024-0470 | 2024-01-12 | code-projects Human Resource Integrated System inc_service_credits.php sql injection |
| CVE-2024-0471 | 2024-01-12 | code-projects Human Resource Integrated System dec_service_credits.php sql injection |
| CVE-2023-49801 | 2024-01-12 | Lif Auth Server vulnerable to uncontrolled data in path expression |
| CVE-2024-21639 | 2024-01-12 | OOB Access in CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory |
| CVE-2024-0472 | 2024-01-12 | code-projects Dormitory Management System modifyuser.php information disclosure |
| CVE-2024-0473 | 2024-01-12 | code-projects Dormitory Management System comment.php sql injection |
| CVE-2023-49647 | 2024-01-12 | Zoom Desktop Client for Windows - Improper Access Control |
| CVE-2022-4962 | 2024-01-12 | Apollo Configuration Center users improper authorization |
| CVE-2024-0474 | 2024-01-12 | code-projects Dormitory Management System login.php sql injection |
| CVE-2024-0230 | 2024-01-12 | A session management issue was addressed with improved checks. This... |
| CVE-2024-22142 | 2024-01-12 | WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-22137 | 2024-01-12 | WordPress Constant Contact Forms by MailMunch Plugin <= 2.0.11 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-33472 | 2024-01-13 | An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and... |
| CVE-2023-46943 | 2024-01-13 | An issue was discovered in NPM's package @evershop/evershop before version... |
| CVE-2023-51062 | 2024-01-13 | An unauthenticated log file read in the component log-smblog-save of... |
| CVE-2023-51064 | 2024-01-13 | QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was... |
| CVE-2023-51065 | 2024-01-13 | Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build... |
| CVE-2023-51067 | 2024-01-13 | An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive... |
| CVE-2023-51070 | 2024-01-13 | An access control issue in QStar Archive Solutions Release RELEASE_3-0... |
| CVE-2023-51805 | 2024-01-13 | SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote... |
| CVE-2023-52288 | 2024-01-13 | An issue was discovered in the flaskcode package through 0.0.8... |
| CVE-2023-52289 | 2024-01-13 | An issue was discovered in the flaskcode package through 0.0.8... |