CVE List - 2024 / January
Showing 1301 - 1400 of 2591 CVEs for January 2024 (Page 14 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-0314 | 2024-01-15 | XSS vulnerability in FireEye Central Management |
| CVE-2024-0315 | 2024-01-15 | Remote file inclusion vulnerability in FireEye Central Management |
| CVE-2024-0316 | 2024-01-15 | Improper cleanup vulnerability in FireEye Endpoint Security |
| CVE-2024-0317 | 2024-01-15 | Cross-Site Scripting in FireEye EX |
| CVE-2024-0318 | 2024-01-15 | Cross-Site Scripting in FireEye HXTool |
| CVE-2024-0319 | 2024-01-15 | Open Redirect vulnerability in FireEye HXTool |
| CVE-2024-0320 | 2024-01-15 | Cross-Site Scripting in FireEye Malware Analysis (AX) |
| CVE-2024-0557 | 2024-01-15 | DedeBIZ Website Copyright Setting cross site scripting |
| CVE-2024-0558 | 2024-01-15 | DedeBIZ makehtml_freelist_action.php sql injection |
| CVE-2024-0562 | 2024-01-15 | Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c |
| CVE-2024-0565 | 2024-01-15 | Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client |
| CVE-2023-7206 | 2024-01-15 | Horner Automation Cscape Stack-Based Buffer Overflow |
| CVE-2023-36236 | 2024-01-16 | Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before... |
| CVE-2023-41619 | 2024-01-16 | Emlog Pro v2.1.14 was discovered to contain a cross-site scripting... |
| CVE-2023-47459 | 2024-01-16 | An issue in Knovos Discovery v.22.67.0 allows a remote attacker... |
| CVE-2023-48104 | 2024-01-16 | Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. |
| CVE-2023-51257 | 2024-01-16 | An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and... |
| CVE-2023-51282 | 2024-01-16 | An issue in mingSoft MCMS v.5.2.4 allows a a remote... |
| CVE-2023-51807 | 2024-01-16 | Cross Site Scripting vulnerability in OFCMS v.1.14 allows a remote... |
| CVE-2023-51810 | 2024-01-16 | SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in... |
| CVE-2023-52041 | 2024-01-16 | An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to... |
| CVE-2023-52042 | 2024-01-16 | An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719... |
| CVE-2023-52068 | 2024-01-16 | kodbox v1.43 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2024-22627 | 2024-01-16 | Complete Supplier Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2024-22916 | 2024-01-16 | In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700... |
| CVE-2023-39691 | 2024-01-16 | An issue discovered in kodbox through 1.43 allows attackers to... |
| CVE-2023-43449 | 2024-01-16 | An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an... |
| CVE-2023-47460 | 2024-01-16 | SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote... |
| CVE-2023-48926 | 2024-01-16 | An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points... |
| CVE-2023-49351 | 2024-01-16 | A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax... |
| CVE-2023-51059 | 2024-01-16 | An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway... |
| CVE-2024-22491 | 2024-01-16 | A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0... |
| CVE-2024-22625 | 2024-01-16 | Complete Supplier Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2024-22626 | 2024-01-16 | Complete Supplier Management System v1.0 is vulnerable to SQL Injection... |
| CVE-2024-22628 | 2024-01-16 | Budget and Expense Tracker System v1.0 is vulnerable to SQL... |
| CVE-2023-49106 | 2024-01-16 | Missing Password Field Masking Vulnerability in Hitachi Device Manager |
| CVE-2023-49107 | 2024-01-16 | Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager |
| CVE-2023-6457 | 2024-01-16 | File and Directory Permission Vulnerability in Hitachi Tuning Manager |
| CVE-2024-22362 | 2024-01-16 | Drupal contains a vulnerability with improper handling of structural elements.... |
| CVE-2024-22428 | 2024-01-16 | Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an... |
| CVE-2023-22526 | 2024-01-16 | This High severity RCE (Remote Code Execution) vulnerability was introduced... |
| CVE-2024-21674 | 2024-01-16 | This High severity Remote Code Execution (RCE) vulnerability was introduced... |
| CVE-2023-22527 | 2024-01-16 | A template injection vulnerability on older versions of Confluence Data... |
| CVE-2024-21672 | 2024-01-16 | This High severity Remote Code Execution (RCE) vulnerability was introduced... |
| CVE-2024-21673 | 2024-01-16 | This High severity Remote Code Execution (RCE) vulnerability was introduced... |
| CVE-2023-4566 | 2024-01-16 | Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... |
| CVE-2023-44117 | 2024-01-16 | Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... |
| CVE-2023-52109 | 2024-01-16 | Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... |
| CVE-2023-52110 | 2024-01-16 | The sensor module has an out-of-bounds access vulnerability.Successful exploitation of... |
| CVE-2023-52111 | 2024-01-16 | Authorization vulnerability in the BootLoader module. Successful exploitation of this... |
| CVE-2023-52112 | 2024-01-16 | Unauthorized file access vulnerability in the wallpaper service module. Successful... |
| CVE-2023-52113 | 2024-01-16 | launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this... |
| CVE-2011-10005 | 2024-01-16 | EasyFTP MKD Command buffer overflow |
| CVE-2023-44112 | 2024-01-16 | Out-of-bounds access vulnerability in the device authentication module. Successful exploitation... |
| CVE-2023-52114 | 2024-01-16 | Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of... |
| CVE-2023-52115 | 2024-01-16 | The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation... |
| CVE-2023-52116 | 2024-01-16 | Permission management vulnerability in the multi-screen interaction module. Successful exploitation... |
| CVE-2023-52107 | 2024-01-16 | Vulnerability of permissions being not strictly verified in the WMS... |
| CVE-2023-52108 | 2024-01-16 | Vulnerability of process priorities being raised in the ActivityManagerService module.... |
| CVE-2023-52098 | 2024-01-16 | Denial of Service (DoS) vulnerability in the DMS module. Successful... |
| CVE-2023-34063 | 2024-01-16 | Aria Automation contains a Missing Access Control vulnerability. An authenticated... |
| CVE-2023-52099 | 2024-01-16 | Vulnerability of foreground service restrictions being bypassed in the NMS... |
| CVE-2023-52100 | 2024-01-16 | The Celia Keyboard module has a vulnerability in access control.... |
| CVE-2023-52101 | 2024-01-16 | Component exposure vulnerability in the Wi-Fi module. Successful exploitation of... |
| CVE-2023-52102 | 2024-01-16 | Vulnerability of parameters being not verified in the WMS module.... |
| CVE-2023-52103 | 2024-01-16 | Buffer overflow vulnerability in the FLP module. Successful exploitation of... |
| CVE-2023-52104 | 2024-01-16 | Vulnerability of parameters being not verified in the WMS module.... |
| CVE-2023-52105 | 2024-01-16 | The nearby module has a privilege escalation vulnerability. Successful exploitation... |
| CVE-2023-52106 | 2024-01-16 | Vulnerability of permission verification for APIs in the DownloadProviderMain module.... |
| CVE-2024-0554 | 2024-01-16 | Cross-site scripting (XSS) vulnerability on WIC1200 |
| CVE-2024-0555 | 2024-01-16 | Cross-Site Request Forgery (CSRF) vulnerability on WIC1200 |
| CVE-2024-0556 | 2024-01-16 | Weak Cryptography for Passwords vulnerability on WIC1200 |
| CVE-2024-0553 | 2024-01-16 | Gnutls: incomplete fix for cve-2023-5981 |
| CVE-2024-0569 | 2024-01-16 | Totolink T8 Setting cstecgi.cgi getSysStatusCfg information disclosure |
| CVE-2024-0581 | 2024-01-16 | Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg |
| CVE-2024-0570 | 2024-01-16 | Totolink N350RT Setting cstecgi.cgi access control |
| CVE-2024-0571 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setSmsCfg stack-based overflow |
| CVE-2024-0572 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setOpModeCfg stack-based overflow |
| CVE-2024-0232 | 2024-01-16 | Sqlite: use-after-free bug in jsonparseaddnodearray |
| CVE-2024-0567 | 2024-01-16 | Gnutls: rejects certificate chain with distributed trust |
| CVE-2021-4432 | 2024-01-16 | PCMan FTP Server USER Command denial of service |
| CVE-2024-0573 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setDiagnosisCfg stack-based overflow |
| CVE-2023-6395 | 2024-01-16 | Mock: privilege escalation for users that can access mock configuration |
| CVE-2024-0582 | 2024-01-16 | Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap |
| CVE-2024-0574 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setParentalRules stack-based overflow |
| CVE-2024-0575 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setTracerouteCfg stack-based overflow |
| CVE-2024-0576 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setIpPortFilterRules stack-based overflow |
| CVE-2024-0577 | 2024-01-16 | Totolink LR1200GB cstecgi.cgi setLanguageCfg stack-based overflow |
| CVE-2021-24567 | 2024-01-16 | Simple Post <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) |
| CVE-2021-24566 | 2024-01-16 | WooCommerce Currency Switcher < 1.3.7 - Authenticated (Low Privilege) Local File Inclusion |
| CVE-2021-24559 | 2024-01-16 | Qyrr < 0.7 - Authenticated (contributor+) Stored XSS |
| CVE-2021-24151 | 2024-01-16 | WP Editor < 1.2.7 - Authenticated SQL injection |
| CVE-2021-25117 | 2024-01-16 | WP Postratings < 1.86.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2021-24432 | 2024-01-16 | Advanced AJAX Product Filters < 1.5.4.7 - Unauthenticated Reflected Cross-Site Scripting (XSS) |
| CVE-2021-24433 | 2024-01-16 | Simple Sort&Search <= 0.0.3 - Ccontributor+ Stored XSS |
| CVE-2021-24869 | 2024-01-16 | WP Fastest Cache < 0.9.5 - Subscriber+ SQL Injection |
| CVE-2021-24870 | 2024-01-16 | WP Fastest Cache < 0.9.5 - CSRF to Stored Cross-Site Scripting |
| CVE-2022-2413 | 2024-01-16 | Slide Anything < 2.3.47 - Author+ Cross Site Scripting in slide title |
| CVE-2022-1563 | 2024-01-16 | WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure |
| CVE-2022-1538 | 2024-01-16 | Theme-Demo-Importer < 1.1.1 - Admin+ Arbitrary File Upload |