CVE List - 2024 / January
Showing 1601 - 1700 of 2591 CVEs for January 2024 (Page 17 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-20260 | 2024-01-17 | A vulnerability in the application CLI of Cisco Prime Infrastructure... |
| CVE-2024-20287 | 2024-01-17 | A vulnerability in the web-based management interface of the Cisco... |
| CVE-2024-20277 | 2024-01-17 | A vulnerability in the web-based management interface of Cisco ThousandEyes... |
| CVE-2022-41619 | 2024-01-17 | WordPress Image Zoom Plugin <= 1.8.8 is vulnerable to Broken Access Control |
| CVE-2023-50950 | 2024-01-17 | IBM QRadar information disclosure |
| CVE-2022-41695 | 2024-01-17 | WordPress Traffic Manager Plugin <= 1.4.5 is vulnerable to Broken Access Control |
| CVE-2022-41786 | 2024-01-17 | WordPress WP Job Portal Plugin <= 2.0.1 is vulnerable to Broken Access Control |
| CVE-2022-41790 | 2024-01-17 | WordPress WP Time Slots Booking Form Plugin <= 1.1.76 is vulnerable to Broken Access Control |
| CVE-2022-42884 | 2024-01-17 | WordPress WIP Custom Login Plugin <= 1.2.7 is vulnerable to Broken Access Control |
| CVE-2024-0647 | 2024-01-17 | Sparksuite SimpleMDE iFrame cross site scripting |
| CVE-2023-7031 | 2024-01-17 | Avaya Experience Portal Manager Insecure Direct Object Reference Vulnerabilities |
| CVE-2023-6548 | 2024-01-17 | Improper Control of Generation of Code ('Code Injection') in NetScaler... |
| CVE-2023-6549 | 2024-01-17 | Improper Restriction of Operations within the Bounds of a Memory... |
| CVE-2023-5914 | 2024-01-17 | Cross-site scripting (XSS) |
| CVE-2024-22410 | 2024-01-17 | Binary Planting Attack on Windows Platforms in Creditcoin |
| CVE-2024-22414 | 2024-01-17 | User profile page vulnerable to Cross Site Scripting (XSS) in flaskBlog |
| CVE-2024-0648 | 2024-01-17 | Yunyou CMS Common.php unrestricted upload |
| CVE-2024-0649 | 2024-01-17 | ZhiHuiYun Search ImageController.php download_network_image server-side request forgery |
| CVE-2024-0650 | 2024-01-17 | Project Worlds Visitor Management System URL dataset.php cross site scripting |
| CVE-2024-22416 | 2024-01-17 | Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalation |
| CVE-2023-6340 | 2024-01-17 | SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and... |
| CVE-2023-51258 | 2024-01-18 | A memory leak issue discovered in YASM v.1.3.0 allows a... |
| CVE-2024-22549 | 2024-01-18 | FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in... |
| CVE-2024-22568 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22591 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22593 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22601 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22603 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22818 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via... |
| CVE-2023-49943 | 2024-01-18 | Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS... |
| CVE-2023-50614 | 2024-01-18 | An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to... |
| CVE-2023-51217 | 2024-01-18 | An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a... |
| CVE-2024-22548 | 2024-01-18 | FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in... |
| CVE-2024-22592 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22699 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22817 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-22819 | 2024-01-18 | FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via... |
| CVE-2024-0651 | 2024-01-18 | PHPGurukul Company Visitor Management System search-visitor.php sql injection |
| CVE-2021-4433 | 2024-01-18 | Karjasoft Sami HTTP Server HTTP HEAD Rrequest denial of service |
| CVE-2024-0652 | 2024-01-18 | PHPGurukul Company Visitor Management System search-visitor.php cross site scripting |
| CVE-2024-0654 | 2024-01-18 | DeepFaceLab Util.py deserialization |
| CVE-2023-6184 | 2024-01-18 | Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to... |
| CVE-2024-0655 | 2024-01-18 | Novel-Plus list sql injection |
| CVE-2023-48339 | 2024-01-18 | In jpg driver, there is a possible missing permission check.... |
| CVE-2023-48340 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48341 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48342 | 2024-01-18 | In media service, there is a possible out of bounds... |
| CVE-2023-48343 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48344 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48345 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48346 | 2024-01-18 | In video decoder, there is a possible improper input validation.... |
| CVE-2023-48347 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48348 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48349 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48350 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48351 | 2024-01-18 | In video decoder, there is a possible out of bounds... |
| CVE-2023-48352 | 2024-01-18 | In phasecheckserver, there is a possible out of bounds write... |
| CVE-2023-48353 | 2024-01-18 | In vsp driver, there is a possible use after free... |
| CVE-2023-48354 | 2024-01-18 | In telephone service, there is a possible improper input validation.... |
| CVE-2023-48355 | 2024-01-18 | In jpg driver, there is a possible out of bounds... |
| CVE-2023-48356 | 2024-01-18 | In jpg driver, there is a possible out of bounds... |
| CVE-2023-48357 | 2024-01-18 | In vsp driver, there is a possible out of bounds... |
| CVE-2023-48358 | 2024-01-18 | In drm driver, there is a possible out of bounds... |
| CVE-2023-48359 | 2024-01-18 | In autotest driver, there is a possible out of bounds... |
| CVE-2023-6816 | 2024-01-18 | Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer |
| CVE-2023-6970 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to... |
| CVE-2024-0381 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to... |
| CVE-2023-6958 | 2024-01-18 | The WP Recipe Maker plugin for WordPress is vulnerable to... |
| CVE-2024-0580 | 2024-01-18 | Omission of key-controlled authorization in Qsige |
| CVE-2023-51464 | 2024-01-18 | Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2023-51463 | 2024-01-18 | Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) |
| CVE-2024-0669 | 2024-01-18 | Cross-Frame Scripting (XFS) on Plone CMS |
| CVE-2023-5806 | 2024-01-18 | SQLi in Mergen Soft Quality Management System |
| CVE-2024-22317 | 2024-01-18 | IBM App Connect Enterprise denial of service |
| CVE-2023-7153 | 2024-01-18 | Reflected XSS in Macroturk's Macro-Bel |
| CVE-2021-33630 | 2024-01-18 | NULL-ptr-deref in network sched |
| CVE-2021-33631 | 2024-01-18 | Kernel crash in EXT4 filesystem |
| CVE-2023-40051 | 2024-01-18 | Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal |
| CVE-2023-40052 | 2024-01-18 | Progress Application Server (PAS) for OpenEdge Denial of Service |
| CVE-2024-0408 | 2024-01-18 | Xorg-x11-server: selinux unlabeled glx pbuffer |
| CVE-2024-0409 | 2024-01-18 | Xorg-x11-server: selinux context corruption |
| CVE-2024-0607 | 2024-01-18 | Kernel: nf_tables: pointer math issue in nft_byteorder_eval() |
| CVE-2023-28900 | 2024-01-18 | Nickname Disclosure on the Backend Automotive Server |
| CVE-2023-28901 | 2024-01-18 | Trip Data Disclosure from Backend |
| CVE-2023-31274 | 2024-01-18 | Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server |
| CVE-2023-34348 | 2024-01-18 | Improper Check or Handling of Exceptional Conditions in Aveva PI Server |
| CVE-2024-22419 | 2024-01-18 | concat built-in can corrupt memory in vyper |
| CVE-2024-22212 | 2024-01-18 | Nextcloud global site selector authentication bypass |
| CVE-2024-22213 | 2024-01-18 | Cross-site Scripting when sending HTML as a comment in the Nextcloud Deck app |
| CVE-2024-22400 | 2024-01-18 | Open redirect in user_saml via RelayState parameter in Nextcloud User Saml |
| CVE-2024-22403 | 2024-01-18 | OAuth2 authorization codes are valid indefinetly in Nextcloud server |
| CVE-2024-22404 | 2024-01-18 | Permissions bypass in Nextcloud with the files zip app |
| CVE-2024-22401 | 2024-01-18 | All users can reset the allowed apps list for Nextcloud Guest App users |
| CVE-2024-22402 | 2024-01-18 | Improper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist |
| CVE-2024-22415 | 2024-01-18 | Unsecured endpoints in the jupyter-lsp server extension |
| CVE-2024-22418 | 2024-01-18 | Stored Cross-site Scripting Vulnerability via Malicious File Names in GroupOffice |
| CVE-2023-5130 | 2024-01-18 | Delta Electronics WPLSoft Buffer-Overflow |
| CVE-2023-5131 | 2024-01-18 | Delta Electronics ISPSoft Heap Buffer-Overflow |
| CVE-2023-43815 | 2024-01-18 | Delta Electronics Delta Industrial Automation DOPSoft DPS File wScreenDESCTextLen Buffer Overflow Remote Code Execution |
| CVE-2023-43816 | 2024-01-18 | Delta Electronics Delta Industrial Automation DOPSoft DPS File wKPFStringLen Buffer Overflow Remote Code Execution |