CVE List - 2024 / January
Showing 1901 - 2000 of 2591 CVEs for January 2024 (Page 20 of 26)
CVE ID | Date | Title |
---|---|---|
CVE-2024-23345 | 2024-01-22 | Nautobot has XSS potential in rendered Markdown fields |
CVE-2021-42142 | 2024-01-23 | An issue was discovered in Contiki-NG tinyDTLS through master branch... |
CVE-2023-35836 | 2024-01-23 | An issue was discovered in SolaX Pocket WiFi 3 through... |
CVE-2023-35837 | 2024-01-23 | An issue was discovered in SolaX Pocket WiFi 3 through... |
CVE-2023-36177 | 2024-01-23 | An issue was discovered in badaix Snapcast version 0.27.0, allows... |
CVE-2023-42144 | 2024-01-23 | Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8... |
CVE-2023-46343 | 2024-01-23 | In the Linux kernel before 6.5.9, there is a NULL... |
CVE-2023-46889 | 2024-01-23 | Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive... |
CVE-2023-46892 | 2024-01-23 | The radio frequency communication protocol being used by Meross MSH30Q... |
CVE-2023-51042 | 2024-01-23 | In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has... |
CVE-2023-51043 | 2024-01-23 | In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free... |
CVE-2023-51210 | 2024-01-23 | SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a... |
CVE-2024-22076 | 2024-01-23 | MyQ Print Server before 8.2 patch 43 allows remote authenticated... |
CVE-2024-22490 | 2024-01-23 | Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers... |
CVE-2024-22660 | 2024-01-23 | TOTOLINK_A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setLanguageCfg |
CVE-2024-22662 | 2024-01-23 | TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules |
CVE-2024-23850 | 2024-01-23 | In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1,... |
CVE-2023-31654 | 2024-01-23 | Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an... |
CVE-2023-35835 | 2024-01-23 | An issue was discovered in SolaX Pocket WiFi 3 through... |
CVE-2023-42143 | 2024-01-23 | Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users... |
CVE-2023-45889 | 2024-01-23 | A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick... |
CVE-2024-22496 | 2024-01-23 | Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers... |
CVE-2024-22497 | 2024-01-23 | Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in... |
CVE-2024-22663 | 2024-01-23 | TOTOLINK_A3700R_V9.1.2u.6165_20211012 has a command injection vulnerability via setOpModeCfg |
CVE-2024-22705 | 2024-01-23 | An issue was discovered in ksmbd in the Linux kernel... |
CVE-2024-23848 | 2024-01-23 | In the Linux kernel through 6.7.1, there is a use-after-free... |
CVE-2024-23849 | 2024-01-23 | In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1,... |
CVE-2024-23851 | 2024-01-23 | copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can... |
CVE-2024-23217 | 2024-01-23 | A privacy issue was addressed with improved handling of temporary... |
CVE-2023-42888 | 2024-01-23 | The issue was addressed with improved checks. This issue is... |
CVE-2023-42935 | 2024-01-23 | An authentication issue was addressed with improved state management. This... |
CVE-2023-40528 | 2024-01-23 | This issue was addressed by removing the vulnerable code. This... |
CVE-2024-23211 | 2024-01-23 | A privacy issue was addressed with improved handling of user... |
CVE-2024-23207 | 2024-01-23 | This issue was addressed with improved redaction of sensitive information.... |
CVE-2024-23206 | 2024-01-23 | An access issue was addressed with improved access restrictions. This... |
CVE-2024-23210 | 2024-01-23 | This issue was addressed with improved redaction of sensitive information.... |
CVE-2024-23213 | 2024-01-23 | The issue was addressed with improved memory handling. This issue... |
CVE-2024-23209 | 2024-01-23 | The issue was addressed with improved memory handling. This issue... |
CVE-2024-23224 | 2024-01-23 | The issue was addressed with improved checks. This issue is... |
CVE-2023-42881 | 2024-01-23 | The issue was addressed with improved memory handling. This issue... |
CVE-2024-23208 | 2024-01-23 | The issue was addressed with improved memory handling. This issue... |
CVE-2024-23212 | 2024-01-23 | The issue was addressed with improved memory handling. This issue... |
CVE-2024-23204 | 2024-01-23 | The issue was addressed with additional permissions checks. This issue... |
CVE-2024-23219 | 2024-01-23 | The issue was addressed with improved authentication. This issue is... |
CVE-2024-23223 | 2024-01-23 | A privacy issue was addressed with improved handling of files.... |
CVE-2024-23203 | 2024-01-23 | The issue was addressed with additional permissions checks. This issue... |
CVE-2024-23215 | 2024-01-23 | An issue was addressed with improved handling of temporary files.... |
CVE-2024-23214 | 2024-01-23 | Multiple memory corruption issues were addressed with improved memory handling.... |
CVE-2023-42937 | 2024-01-23 | A privacy issue was addressed with improved private data redaction... |
CVE-2024-23222 | 2024-01-23 | A type confusion issue was addressed with improved checks. This... |
CVE-2023-42887 | 2024-01-23 | An access issue was addressed with additional sandbox restrictions. This... |
CVE-2024-23218 | 2024-01-23 | A timing side-channel issue was addressed with improvements to constant-time... |
CVE-2023-39197 | 2024-01-23 | Kernel: dccp: conntrack out-of-bounds read in nf_conntrack_dccp_packet() |
CVE-2024-22768 | 2024-01-23 | Hitron Systems DVR HVR-4781 Improper Input Validation Vulnerability |
CVE-2024-22769 | 2024-01-23 | Hitron Systems DVR HVR-8781 Improper Input Validation Vulnerability |
CVE-2024-22770 | 2024-01-23 | Hitron Systems DVR HVR-16781 Improper Input Validation Vulnerability |
CVE-2024-22771 | 2024-01-23 | Hitron Systems DVR LGUVR-4H Improper Input Validation Vulnerability |
CVE-2024-22772 | 2024-01-23 | Hitron Systems DVR LGUVR-8H Improper Input Validation Vulnerability |
CVE-2024-23842 | 2024-01-23 | Hitron Systems DVR LGUVR-16H Improper Input Validation Vulnerability |
CVE-2024-0587 | 2024-01-23 | The AMP for WP – Accelerated Mobile Pages plugin for... |
CVE-2024-23180 | 2024-01-23 | Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions... |
CVE-2024-23181 | 2024-01-23 | Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior... |
CVE-2024-23182 | 2024-01-23 | Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions... |
CVE-2024-23183 | 2024-01-23 | Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior... |
CVE-2024-23348 | 2024-01-23 | Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions... |
CVE-2024-0703 | 2024-01-23 | The Sticky Buttons – floating buttons builder plugin for WordPress... |
CVE-2023-44401 | 2024-01-23 | Silverstripe GraphQL's view permissions are bypassed for paginated lists of ORM data |
CVE-2024-0741 | 2024-01-23 | An out of bounds write in ANGLE could have allowed... |
CVE-2024-0742 | 2024-01-23 | It was possible for certain browser prompts and dialogs to... |
CVE-2024-0746 | 2024-01-23 | A Linux user opening the print preview dialog could have... |
CVE-2024-0747 | 2024-01-23 | When a parent page loaded a child in an iframe... |
CVE-2024-0749 | 2024-01-23 | A phishing site could have repurposed an `about:` dialog to... |
CVE-2024-0750 | 2024-01-23 | A bug in popup notifications delay calculation could have made... |
CVE-2024-0751 | 2024-01-23 | A malicious devtools extension could have been used to escalate... |
CVE-2024-0753 | 2024-01-23 | In specific HSTS configurations an attacker could have bypassed HSTS... |
CVE-2024-0755 | 2024-01-23 | Memory safety bugs present in Firefox 121, Firefox ESR 115.6,... |
CVE-2024-0743 | 2024-01-23 | An unchecked return value in TLS handshake code could have... |
CVE-2024-0744 | 2024-01-23 | In some circumstances, JIT compiled code could have dereferenced a... |
CVE-2024-0745 | 2024-01-23 | The WebAudio `OscillatorNode` object was susceptible to a stack buffer... |
CVE-2024-0748 | 2024-01-23 | A compromised content process could have updated the document URI.... |
CVE-2024-0752 | 2024-01-23 | A use-after-free crash could have occurred on macOS if a... |
CVE-2024-0754 | 2024-01-23 | Some WASM source files could have caused a crash when... |
CVE-2023-48714 | 2024-01-23 | Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter |
CVE-2023-49783 | 2024-01-23 | No permission checks for editing/deleting records with CSV import form |
CVE-2023-49657 | 2024-01-23 | Apache Superset: Stored XSS in Dashboard Title and Chart Title |
CVE-2023-50274 | 2024-01-23 | HPE OneView may allow command injection with local privilege escalation. |
CVE-2023-50275 | 2024-01-23 | HPE OneView may allow clusterService Authentication Bypass resulting in denial... |
CVE-2023-6573 | 2024-01-23 | HPE OneView may have a missing passphrase during restore. |
CVE-2024-22203 | 2024-01-23 | Whoogle Search Server Side Request Forgery vulnerability |
CVE-2024-22204 | 2024-01-23 | Whoogle Search Limited File Write vulnerability |
CVE-2024-22205 | 2024-01-23 | Whoogle Search Server Side Request Forgery vulnerability |
CVE-2024-22417 | 2024-01-23 | Whoogle Search Cross-site Scripting vulnerability |
CVE-2024-23330 | 2024-01-23 | Tuta loads images from external resources |
CVE-2024-23341 | 2024-01-23 | TuiTse-TsuSin html injection vulnerability in `tuitse_html` function |
CVE-2024-23636 | 2024-01-23 | SOFARPC Remote Command Execution (RCE) Vulnerability |
CVE-2023-7238 | 2024-01-23 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Orthanc Osimis DICOM Web Viewer |
CVE-2023-6926 | 2024-01-23 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Crestron AM-300 |
CVE-2023-38624 | 2024-01-23 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro... |
CVE-2023-38625 | 2024-01-23 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro... |
CVE-2023-38626 | 2024-01-23 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro... |