CVE List - 2024 / February
Showing 1301 - 1400 of 2784 CVEs for February 2024 (Page 14 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-6409 | 2024-02-14 | CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause... |
| CVE-2023-6408 | 2024-02-14 | CWE-924: Improper Enforcement of Message Integrity During Transmission in a... |
| CVE-2023-27975 | 2024-02-14 | CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized... |
| CVE-2024-0568 | 2024-02-14 | CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering... |
| CVE-2024-0007 | 2024-02-14 | PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface |
| CVE-2024-0008 | 2024-02-14 | PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface |
| CVE-2024-0009 | 2024-02-14 | PAN-OS: Improper IP Address Verification in GlobalProtect Gateway |
| CVE-2024-0010 | 2024-02-14 | PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal |
| CVE-2024-0011 | 2024-02-14 | PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication |
| CVE-2023-48229 | 2024-02-14 | Out-of-bounds write in the radio driver for Contiki-NG nRF platforms |
| CVE-2023-50927 | 2024-02-14 | Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG |
| CVE-2023-50926 | 2024-02-14 | Unvalidated DIO prefix info length in RPL-Lite in Contiki-NG |
| CVE-2024-1482 | 2024-02-14 | Improper Authorization in GitHub Enterprise Server allowed unauthorized workflow execution |
| CVE-2024-25618 | 2024-02-14 | External OpenID Connect Account Takeover by E-Mail Change in mastodon |
| CVE-2024-25619 | 2024-02-14 | Destroying OAuth Applications doesn't notify Streaming of Access Tokens being destroyed in mastodon |
| CVE-2024-25617 | 2024-02-14 | Denial of Service in HTTP Header parser in squid proxy |
| CVE-2024-1367 | 2024-02-14 | Command Injection Vulnerability in Tenable Security Center |
| CVE-2024-1471 | 2024-02-14 | HTML Injection Vulnerability |
| CVE-2023-48733 | 2024-02-14 | An insecure default to allow UEFI Shell in EDK2 was... |
| CVE-2023-49721 | 2024-02-14 | An insecure default to allow UEFI Shell in EDK2 was... |
| CVE-2023-6138 | 2024-02-14 | A potential security vulnerability has been identified in the system... |
| CVE-2022-48219 | 2024-02-14 | Potential vulnerabilities have been identified in certain HP Desktop PC... |
| CVE-2022-48220 | 2024-02-14 | Potential vulnerabilities have been identified in certain HP Desktop PC... |
| CVE-2024-25620 | 2024-02-14 | Dependency management path traversal in helm |
| CVE-2024-23674 | 2024-02-15 | The Online-Ausweis-Funktion eID scheme in the German National Identity card... |
| CVE-2024-24256 | 2024-02-15 | SQL Injection vulnerability in Yonyou space-time enterprise information integration platform... |
| CVE-2024-24386 | 2024-02-15 | An issue in VitalPBX v.3.2.4-5 allows an attacker to execute... |
| CVE-2024-25373 | 2024-02-15 | Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow... |
| CVE-2024-25502 | 2024-02-15 | Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote... |
| CVE-2023-51787 | 2024-02-15 | An issue was discovered in Wind River VxWorks 7 22.09... |
| CVE-2024-1523 | 2024-02-15 | EC-WEB FS-EZViewer(Web) - SQL Injection |
| CVE-2024-26260 | 2024-02-15 | Hgiga OAKlouds - Command Injection |
| CVE-2024-26261 | 2024-02-15 | Hgiga OAKlouds - Arbitrary File Read And Delete |
| CVE-2024-26262 | 2024-02-15 | EBM Technologies Uniweb/SoliPACS WebServer - SQL Injection |
| CVE-2024-26263 | 2024-02-15 | EBM Technologies RISWEB - Improper Access Control |
| CVE-2024-26264 | 2024-02-15 | EBM Technologies RISWEB - SQL Injection |
| CVE-2024-25940 | 2024-02-15 | bhyveload(8) host file access |
| CVE-2024-25941 | 2024-02-15 | jail(2) information leak |
| CVE-2024-25559 | 2024-02-15 | URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8.... |
| CVE-2022-23084 | 2024-02-15 | Potential jail escape vulnerabilities in netmap |
| CVE-2022-23085 | 2024-02-15 | Potential jail escape vulnerabilities in netmap |
| CVE-2022-23086 | 2024-02-15 | mpr/mps/mpt driver ioctl heap out-of-bounds write |
| CVE-2022-23087 | 2024-02-15 | Bhyve e82545 device emulation out-of-bounds write |
| CVE-2022-23088 | 2024-02-15 | 802.11 heap buffer overflow |
| CVE-2024-1488 | 2024-02-15 | Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation |
| CVE-2022-23089 | 2024-02-15 | Out of bound read in elf_note_prpsinfo() |
| CVE-2022-23090 | 2024-02-15 | AIO credential reference count leak |
| CVE-2022-23091 | 2024-02-15 | Memory disclosure by stale virtual memory mapping |
| CVE-2022-23092 | 2024-02-15 | Missing bounds check in 9p message handling |
| CVE-2022-23093 | 2024-02-15 | Stack overflow in ping(8) |
| CVE-2023-46596 | 2024-02-15 | Improper input validation in FireFlow’s VisualFlow workflow editor |
| CVE-2024-0708 | 2024-02-15 | The Landing Page Cat – Coming Soon Page, Maintenance Page... |
| CVE-2024-21727 | 2024-02-15 | Extension - digtal-peak.com - XSS vulnerability in DP Calendar component for Joomla 8.0.0-8.0.14 |
| CVE-2024-0353 | 2024-02-15 | Local privilege escalation in Windows products |
| CVE-2023-4537 | 2024-02-15 | Protocol Downgrade in Comarch ERP XL |
| CVE-2023-4538 | 2024-02-15 | Shared Key in Comarch ERP XL |
| CVE-2023-4539 | 2024-02-15 | Hardcoded password in Comarch ERP XL |
| CVE-2024-0390 | 2024-02-15 | Hard-coded credentials in iZZi connect application |
| CVE-2024-20725 | 2024-02-15 | Adobe Substance 3D Painter v9.0.1Build2822 OOBR Vulnerability I |
| CVE-2024-20723 | 2024-02-15 | Adobe Substance 3D Painter v9.0.1Build2822 Buffer Overflow Vulnerability |
| CVE-2024-20741 | 2024-02-15 | Adobe Substance 3D Paint ICO Parsing Access Violation Write Vulnerability |
| CVE-2024-20742 | 2024-02-15 | Adobe Substance 3D Paint RAS File Parsing Out-Of-Bounds Read Vulnerability |
| CVE-2024-20740 | 2024-02-15 | Adobe Substance 3D Paint PSD Parsing Out-Of-Bounds Write Vulnerability |
| CVE-2024-20722 | 2024-02-15 | Adobe Substance 3D Painter v9.0.1Build2822 OOBR Vulnerability III |
| CVE-2024-20743 | 2024-02-15 | Adobe Substance 3D Paint PSD Parsing Out-Of-Bounds Write Vulnerability |
| CVE-2024-20724 | 2024-02-15 | Adobe Substance 3D Painter v9.0.1Build2822 OOBR Vulnerability II |
| CVE-2024-20744 | 2024-02-15 | Adobe Substance 3D Paint PICT Parsing Access Violation Write Vulnerability |
| CVE-2024-20735 | 2024-02-15 | TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability |
| CVE-2024-20729 | 2024-02-15 | TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability |
| CVE-2024-20749 | 2024-02-15 | TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability |
| CVE-2024-20736 | 2024-02-15 | ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-20728 | 2024-02-15 | ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-20734 | 2024-02-15 | ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability |
| CVE-2024-20748 | 2024-02-15 | TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability |
| CVE-2024-20733 | 2024-02-15 | [ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability |
| CVE-2024-20747 | 2024-02-15 | TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability |
| CVE-2024-20727 | 2024-02-15 | [TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000 |
| CVE-2024-20731 | 2024-02-15 | TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability |
| CVE-2024-20730 | 2024-02-15 | TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability |
| CVE-2024-20726 | 2024-02-15 | [TianfuCup] JP2K Image Parsing Out-Of-Bounds Write |
| CVE-2024-20738 | 2024-02-15 | Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | CVE-2023-44324 bypass |
| CVE-2024-20739 | 2024-02-15 | ZDI-CAN-22647: Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-20750 | 2024-02-15 | Adobe Substance 3D Designer PICT Parsing Out-Of-Bounds Read Vulnerability |
| CVE-2023-28078 | 2024-02-15 | Dell OS10 Networking Switches running 10.5.2.x and above contain a... |
| CVE-2023-32462 | 2024-02-15 | Dell OS10 Networking Switches running 10.5.2.x and above contain an... |
| CVE-2024-1530 | 2024-02-15 | ECshop view_sendlist.php sql injection |
| CVE-2023-32484 | 2024-02-15 | Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4... |
| CVE-2023-39244 | 2024-02-15 | DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0,... |
| CVE-2023-39245 | 2024-02-15 | DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0,... |
| CVE-2024-20720 | 2024-02-15 | Command injection in data collector backup due to insufficient patching of CVE-2023-38208 |
| CVE-2024-20719 | 2024-02-15 | [Adobe Commerce] Stored XSS from low privileged admin user on every admin page, bypassing CVE-2023-29297 |
| CVE-2024-20718 | 2024-02-15 | [Spain] CSRF to delete Requisition Lists at Adobe Commerce |
| CVE-2024-20717 | 2024-02-15 | Stored admin XSS via PayPal authentication certificate |
| CVE-2024-20716 | 2024-02-15 | Force high-usage of resources by generating unlimited coupons: Adobe Commerce |
| CVE-2023-26206 | 2024-02-15 | An improper neutralization of input during web page generation ('cross-site... |
| CVE-2023-45581 | 2024-02-15 | An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version... |
| CVE-2023-44253 | 2024-02-15 | An exposure of sensitive information to an unauthorized actor vulnerability... |
| CVE-2023-47537 | 2024-02-15 | An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 -... |
| CVE-2024-23113 | 2024-02-15 | A use of externally-controlled format string in Fortinet FortiOS versions... |
| CVE-2023-7081 | 2024-02-15 | SQLi in PosTahsil's Online Payment System |