CVE List - 2024 / February
Showing 1001 - 1100 of 2784 CVEs for February 2024 (Page 11 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-24741 | 2024-02-13 | Missing Authorization check in SAP Master Data Governance Material |
| CVE-2024-22024 | 2024-02-13 | An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to... |
| CVE-2024-21491 | 2024-02-13 | Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared. An attacker... |
| CVE-2024-25914 | 2024-02-13 | WordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-6815 | 2024-02-13 | Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated... |
| CVE-2024-22454 | 2024-02-13 | Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized... |
| CVE-2024-22445 | 2024-02-13 | Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of... |
| CVE-2023-48363 | 2024-02-13 | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions... |
| CVE-2023-48364 | 2024-02-13 | A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions... |
| CVE-2023-49125 | 2024-02-13 | A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198), Solid Edge SE2023 (All versions <... |
| CVE-2023-50236 | 2024-02-13 | A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker... |
| CVE-2023-51440 | 2024-02-13 | A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1... |
| CVE-2024-22042 | 2024-02-13 | A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host... |
| CVE-2024-22043 | 2024-02-13 | A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). The affected applications contain a null pointer dereference vulnerability while parsing specially... |
| CVE-2024-23795 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds... |
| CVE-2024-23796 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer... |
| CVE-2024-23797 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability... |
| CVE-2024-23798 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability... |
| CVE-2024-23799 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while... |
| CVE-2024-23800 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while... |
| CVE-2024-23801 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected applications contain a null pointer dereference vulnerability while... |
| CVE-2024-23802 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain an out of bounds... |
| CVE-2024-23803 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past... |
| CVE-2024-23804 | 2024-02-13 | A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability... |
| CVE-2024-23810 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute... |
| CVE-2024-23811 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to... |
| CVE-2024-23812 | 2024-02-13 | A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application incorrectly neutralizes special elements when creating a report which could lead to command injection. |
| CVE-2024-23813 | 2024-02-13 | A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access... |
| CVE-2024-23816 | 2024-02-13 | A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All... |
| CVE-2024-24920 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing... |
| CVE-2024-24921 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow... |
| CVE-2024-24922 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing... |
| CVE-2024-24923 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001). The affected applications contain an out of bounds read past the end... |
| CVE-2024-24924 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing... |
| CVE-2024-24925 | 2024-02-13 | A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker... |
| CVE-2024-1160 | 2024-02-13 | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Link in all versions up to, and including, 4.8.0 due to insufficient input... |
| CVE-2024-1157 | 2024-02-13 | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button URL in all versions up to, and including, 4.8.0 due to insufficient input... |
| CVE-2024-1159 | 2024-02-13 | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.8.0 due to insufficient input sanitization... |
| CVE-2023-6072 | 2024-02-13 | A cross-site scripting vulnerability in Trellix Central Management (CM) prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into... |
| CVE-2024-1309 | 2024-02-13 | Resource Consumption Identified in NTP before 4.2.4p8 and 4.2.5 |
| CVE-2024-24781 | 2024-02-13 | Hima: Uncontrolled Resource Consumption in multiple products |
| CVE-2024-24782 | 2024-02-13 | HIMA: Origin Validation Error in multiple products |
| CVE-2023-4408 | 2024-02-13 | Parsing large DNS messages may cause excessive CPU load |
| CVE-2023-5517 | 2024-02-13 | Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled |
| CVE-2023-5679 | 2024-02-13 | Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution |
| CVE-2023-5680 | 2024-02-13 | Cleaning an ECS-enabled cache may cause excessive CPU load |
| CVE-2023-6516 | 2024-02-13 | Specific recursive query patterns may lead to an out-of-memory condition |
| CVE-2024-1163 | 2024-02-13 | Path traversal vulnerability in mapshaper |
| CVE-2024-1096 | 2024-02-13 | Twister Antivirus v8.17 - Denial of Service |
| CVE-2024-23439 | 2024-02-13 | Vba32 Antivirus v3.36.0 - Arbitrary Memory Read |
| CVE-2024-23440 | 2024-02-13 | Vba32 Antivirus v3.36.0 - Arbitrary Memory Read |
| CVE-2024-1140 | 2024-02-13 | Twister Antivirus v8.17 - Out-of-bounds Read |
| CVE-2023-20570 | 2024-02-13 | Insufficient verification of data authenticity in the configuration state machine may allow a local attacker to potentially load arbitrary bitstreams. |
| CVE-2024-20667 | 2024-02-13 | Azure DevOps Server Remote Code Execution Vulnerability |
| CVE-2024-21327 | 2024-02-13 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability |
| CVE-2024-21329 | 2024-02-13 | Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| CVE-2024-21338 | 2024-02-13 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21340 | 2024-02-13 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2024-21349 | 2024-02-13 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability |
| CVE-2024-21350 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21351 | 2024-02-13 | Windows SmartScreen Security Feature Bypass Vulnerability |
| CVE-2024-21352 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21354 | 2024-02-13 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
| CVE-2024-21357 | 2024-02-13 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2024-21358 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21360 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21361 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21366 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21369 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21371 | 2024-02-13 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21372 | 2024-02-13 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2024-21375 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-21379 | 2024-02-13 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2024-21381 | 2024-02-13 | Microsoft Azure Active Directory B2C Spoofing Vulnerability |
| CVE-2024-21386 | 2024-02-13 | .NET Denial of Service Vulnerability |
| CVE-2024-21389 | 2024-02-13 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2024-21393 | 2024-02-13 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2024-21394 | 2024-02-13 | Dynamics 365 Field Service Spoofing Vulnerability |
| CVE-2024-21396 | 2024-02-13 | Dynamics 365 Sales Spoofing Vulnerability |
| CVE-2024-21401 | 2024-02-13 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability |
| CVE-2024-21402 | 2024-02-13 | Microsoft Outlook Elevation of Privilege Vulnerability |
| CVE-2024-21404 | 2024-02-13 | .NET Denial of Service Vulnerability |
| CVE-2024-21413 | 2024-02-13 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2024-21420 | 2024-02-13 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2024-20673 | 2024-02-13 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2024-20679 | 2024-02-13 | Azure Stack Hub Spoofing Vulnerability |
| CVE-2024-21304 | 2024-02-13 | Trusted Compute Base Elevation of Privilege Vulnerability |
| CVE-2024-21315 | 2024-02-13 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability |
| CVE-2024-20695 | 2024-02-13 | Skype for Business Information Disclosure Vulnerability |
| CVE-2024-21328 | 2024-02-13 | Dynamics 365 Sales Spoofing Vulnerability |
| CVE-2024-20684 | 2024-02-13 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2024-21339 | 2024-02-13 | Windows USB Generic Parent Driver Remote Code Execution Vulnerability |
| CVE-2024-21341 | 2024-02-13 | Windows Kernel Remote Code Execution Vulnerability |
| CVE-2024-21342 | 2024-02-13 | Windows DNS Client Denial of Service Vulnerability |
| CVE-2024-21343 | 2024-02-13 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
| CVE-2024-21344 | 2024-02-13 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
| CVE-2024-21345 | 2024-02-13 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-21346 | 2024-02-13 | Win32k Elevation of Privilege Vulnerability |
| CVE-2024-21347 | 2024-02-13 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2024-21348 | 2024-02-13 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |