CVE List - 2024 / February
Showing 1601 - 1700 of 2784 CVEs for February 2024 (Page 17 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-25634 | 2024-02-19 | IDOR make user can read e-mail log sent by other events |
| CVE-2024-25640 | 2024-02-19 | Improper Neutralization of Alternate XSS Syntax in iris-web |
| CVE-2024-1638 | 2024-02-19 | Bluetooth characteristic LESC security requirement not enforced without additional flags |
| CVE-2024-1635 | 2024-02-19 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol |
| CVE-2023-6259 | 2024-02-19 | Local Access to Sensitive Data in Brivo ACS100 and ACS300 |
| CVE-2023-6260 | 2024-02-19 | Web UI OS Command Injection in Brivo ACS100, ACS300 |
| CVE-2024-26129 | 2024-02-19 | Prestashop vulnerable to path disclosure in JavaScript variable |
| CVE-2024-26134 | 2024-02-19 | CBOR2 decoder has potential buffer overflow |
| CVE-2024-1297 | 2024-02-19 | Loomio 2.22.0 - Code injection |
| CVE-2024-1651 | 2024-02-19 | Torrentpier 2.4.1 - RCE |
| CVE-2024-1644 | 2024-02-19 | Suite CRM v7.14.2 - RCE via Local File Inclusion |
| CVE-2024-1647 | 2024-02-19 | pyhtml2pdf 0.0.6 - Local File Read via Server Side XSS |
| CVE-2021-29038 | 2024-02-20 | Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and... |
| CVE-2023-46967 | 2024-02-20 | Cross Site Scripting vulnerability in the sanitize function in Enhancesoft... |
| CVE-2023-47422 | 2024-02-20 | An access control issue in /usr/sbin/httpd in Tenda TX9 V1... |
| CVE-2023-49034 | 2024-02-20 | Cross Site Scripting (XSS) vulnerability in ProjeQtOr 11.0.2 allows a... |
| CVE-2023-50923 | 2024-02-20 | In QUIC in RFC 9000, the Latency Spin Bit specification... |
| CVE-2024-22824 | 2024-02-20 | An issue in Timo v.2.0.3 allows a remote attacker to... |
| CVE-2024-23758 | 2024-02-20 | An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to... |
| CVE-2024-24474 | 2024-02-20 | QEMU before 8.2.0 has an integer underflow, and resultant buffer... |
| CVE-2024-25196 | 2024-02-20 | Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble... |
| CVE-2024-25197 | 2024-02-20 | Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble... |
| CVE-2024-25198 | 2024-02-20 | Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open... |
| CVE-2024-25199 | 2024-02-20 | Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open... |
| CVE-2024-25262 | 2024-02-20 | texlive-bin commit c515e was discovered to contain heap buffer overflow... |
| CVE-2024-25274 | 2024-02-20 | An arbitrary file upload vulnerability in the component /sysFile/upload of... |
| CVE-2024-25366 | 2024-02-20 | Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 allows a remote... |
| CVE-2021-29050 | 2024-02-20 | Cross-Site Request Forgery (CSRF) vulnerability in the terms of use... |
| CVE-2022-45320 | 2024-02-20 | Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix... |
| CVE-2024-25260 | 2024-02-20 | elfutils v0.189 was discovered to contain a NULL pointer dereference... |
| CVE-2024-25428 | 2024-02-20 | SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run... |
| CVE-2024-1648 | 2024-02-20 | electron-pdf 20.0.0 - Local File Read via Server Side XSS |
| CVE-2024-0715 | 2024-02-20 | EL Injection Vulnerability in Hitachi Global Link Manager |
| CVE-2023-6397 | 2024-02-20 | A null pointer dereference vulnerability in Zyxel ATP series firmware... |
| CVE-2024-21892 | 2024-02-20 | On Linux, Node.js ignores certain environment variables if those may... |
| CVE-2024-22019 | 2024-02-20 | A vulnerability in Node.js HTTP servers allows an attacker to... |
| CVE-2024-21891 | 2024-02-20 | Node.js depends on multiple built-in utility functions to normalize paths... |
| CVE-2024-21890 | 2024-02-20 | The Node.js Permission Model does not clarify in the documentation... |
| CVE-2024-21896 | 2024-02-20 | The permission model protects itself against path traversal attacks by... |
| CVE-2023-6398 | 2024-02-20 | A post-authentication command injection vulnerability in the file upload binary... |
| CVE-2023-6399 | 2024-02-20 | A format string vulnerability in Zyxel ATP series firmware versions... |
| CVE-2023-6764 | 2024-02-20 | A format string vulnerability in a function of the IPSec... |
| CVE-2024-1510 | 2024-02-20 | The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress... |
| CVE-2024-1559 | 2024-02-20 | The Link Library plugin for WordPress is vulnerable to Stored... |
| CVE-2023-5190 | 2024-02-20 | Open redirect vulnerability in the Countries Management’s edit region page... |
| CVE-2023-44308 | 2024-02-20 | Open redirect vulnerability in adaptive media administration page in Liferay... |
| CVE-2024-25149 | 2024-02-20 | Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and... |
| CVE-2024-22234 | 2024-02-20 | CVE-2024-22234: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated |
| CVE-2024-25973 | 2024-02-20 | Multiple Stored Cross-Site Scripting Vulnerabilities |
| CVE-2024-25974 | 2024-02-20 | Stored Cross-Site Scripting (XSS) within the Media Center |
| CVE-2024-25150 | 2024-02-20 | Information disclosure vulnerability in the Control Panel in Liferay Portal... |
| CVE-2024-25604 | 2024-02-20 | Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and... |
| CVE-2024-25605 | 2024-02-20 | The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and... |
| CVE-2024-25606 | 2024-02-20 | XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older... |
| CVE-2024-1608 | 2024-02-20 | OPPO Usercenter Credit sdk |
| CVE-2024-25607 | 2024-02-20 | The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay Portal 7.2.0... |
| CVE-2024-25608 | 2024-02-20 | HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported... |
| CVE-2024-25609 | 2024-02-20 | HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported... |
| CVE-2023-49109 | 2024-02-20 | Remote Code Execution in Apache Dolphinscheduler |
| CVE-2023-49250 | 2024-02-20 | Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil |
| CVE-2023-50270 | 2024-02-20 | Apache DolphinScheduler: Session do not expire after password change |
| CVE-2023-51770 | 2024-02-20 | Apache DolphinScheduler: Arbitrary File Read Vulnerability |
| CVE-2024-24793 | 2024-02-20 | A use-after-free vulnerability exists in the DICOM Element Parsing as... |
| CVE-2024-24794 | 2024-02-20 | A use-after-free vulnerability exists in the DICOM Element Parsing as... |
| CVE-2023-7245 | 2024-02-20 | The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7... |
| CVE-2024-1661 | 2024-02-20 | Totolink X6000R shadow hard-coded credentials |
| CVE-2024-25610 | 2024-02-20 | In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions,... |
| CVE-2024-26265 | 2024-02-20 | The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15,... |
| CVE-2023-52433 | 2024-02-20 | netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction |
| CVE-2024-26581 | 2024-02-20 | netfilter: nft_set_rbtree: skip end interval element from gc |
| CVE-2024-26267 | 2024-02-20 | In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions,... |
| CVE-2024-26268 | 2024-02-20 | User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and... |
| CVE-2023-42791 | 2024-02-20 | A relative path traversal in Fortinet FortiManager version 7.4.0 and... |
| CVE-2024-1546 | 2024-02-20 | When storing and re-accessing data on a networking channel, the... |
| CVE-2024-1547 | 2024-02-20 | Through a series of API calls and redirects, an attacker-controlled... |
| CVE-2024-1548 | 2024-02-20 | A website could have obscured the fullscreen notification by using... |
| CVE-2024-1549 | 2024-02-20 | If a website set a large custom cursor, portions of... |
| CVE-2024-1550 | 2024-02-20 | A malicious website could have used a combination of exiting... |
| CVE-2024-1551 | 2024-02-20 | Set-Cookie response headers were being incorrectly honored in multipart HTTP... |
| CVE-2024-1552 | 2024-02-20 | Incorrect code generation could have led to unexpected numeric conversions... |
| CVE-2024-1553 | 2024-02-20 | Memory safety bugs present in Firefox 122, Firefox ESR 115.7,... |
| CVE-2024-1554 | 2024-02-20 | The `fetch()` API and navigation incorrectly shared the same cache,... |
| CVE-2024-1555 | 2024-02-20 | When opening a website using the `firefox://` protocol handler, SameSite... |
| CVE-2024-1556 | 2024-02-20 | The incorrect object was checked for NULL in the built-in... |
| CVE-2024-1557 | 2024-02-20 | Memory safety bugs present in Firefox 122. Some of these... |
| CVE-2024-26270 | 2024-02-20 | The Account Settings page in Liferay Portal 7.4.3.76 through 7.4.3.99,... |
| CVE-2023-50306 | 2024-02-20 | IBM Common Licensing information disclosure |
| CVE-2024-1155 | 2024-02-20 | Incorrect permissions for shared NI SystemLink Elixir based services |
| CVE-2024-1156 | 2024-02-20 | Incorrect directory permissions for the shared NI RabbitMQ service may... |
| CVE-2023-45318 | 2024-02-20 | A heap-based buffer overflow vulnerability exists in the HTTP Server... |
| CVE-2023-38562 | 2024-02-20 | A double-free vulnerability exists in the IP header loopback parsing... |
| CVE-2023-39540 | 2024-02-20 | A denial of service vulnerability exists in the ICMP and... |
| CVE-2023-39541 | 2024-02-20 | A denial of service vulnerability exists in the ICMP and... |
| CVE-2024-22369 | 2024-02-20 | Apache Camel: Camel-SQL: Unsafe Deserialization from JDBCAggregationRepository |
| CVE-2024-23114 | 2024-02-20 | Apache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository |
| CVE-2024-23606 | 2024-02-20 | An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of... |
| CVE-2024-23310 | 2024-02-20 | A use-after-free vulnerability exists in the sopen_FAMOS_read functionality of The... |
| CVE-2024-23313 | 2024-02-20 | An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of... |
| CVE-2024-21812 | 2024-02-20 | An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of... |
| CVE-2024-21795 | 2024-02-20 | A heap-based buffer overflow vulnerability exists in the .egi parsing... |