CVE List - 2024 / February
Showing 2101 - 2200 of 2784 CVEs for February 2024 (Page 22 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-52462 | 2024-02-23 | bpf: fix check for attempt to corrupt spilled pointer |
| CVE-2023-52463 | 2024-02-23 | efivarfs: force RO when remounting if SetVariable is not supported |
| CVE-2023-52464 | 2024-02-23 | EDAC/thunderx: Fix possible out-of-bounds string access |
| CVE-2024-26595 | 2024-02-23 | mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path |
| CVE-2024-26596 | 2024-02-23 | net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events |
| CVE-2024-26597 | 2024-02-23 | net: qualcomm: rmnet: fix global oob in rmnet_policy |
| CVE-2024-26598 | 2024-02-23 | KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache |
| CVE-2024-26599 | 2024-02-23 | pwm: Fix out-of-bounds access in of_pwm_single_xlate() |
| CVE-2024-25629 | 2024-02-23 | c-ares out of bounds read in ares__read_line() |
| CVE-2024-1820 | 2024-02-23 | code-projects Crime Reporting System inchargelogin.php sql injection |
| CVE-2024-1821 | 2024-02-23 | code-projects Crime Reporting System police_add.php sql injection |
| CVE-2024-1822 | 2024-02-23 | PHPGurukul Tourism Management System user-bookings.php cross site scripting |
| CVE-2024-1823 | 2024-02-23 | CodeAstro Simple Voting System Backend users.php access control |
| CVE-2024-26150 | 2024-02-23 | `@backstage/backend-common` vulnerable to path traversal through symlinks |
| CVE-2024-1824 | 2024-02-23 | CodeAstro House Rental Management System signing.php sql injection |
| CVE-2023-51392 | 2024-02-23 | Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM |
| CVE-2024-1825 | 2024-02-23 | CodeAstro House Rental Management System User Registration Page cross site scripting |
| CVE-2024-23320 | 2024-02-23 | Apache DolphinScheduler: Arbitrary js execution as root for authenticated users |
| CVE-2024-1826 | 2024-02-23 | code-projects Library System login.php sql injection |
| CVE-2024-1827 | 2024-02-23 | code-projects Library System login.php sql injection |
| CVE-2024-27318 | 2024-02-23 | Versions of the package onnx before and including 1.15.0 are... |
| CVE-2024-27319 | 2024-02-23 | Versions of the package onnx before and including 1.15.0 are... |
| CVE-2024-1828 | 2024-02-23 | code-projects Library System registration.php sql injection |
| CVE-2024-1829 | 2024-02-23 | code-projects Library System registration.php sql injection |
| CVE-2024-1830 | 2024-02-23 | code-projects Library System lost-password.php sql injection |
| CVE-2022-43842 | 2024-02-23 | IBM Aspera Console SQL injection |
| CVE-2024-1831 | 2024-02-23 | SourceCodester Complete File Management System Login Form index.php sql injection |
| CVE-2023-51394 | 2024-02-23 | Potential DoS for EFR32xxx parts in high traffic environments due to null buffer dereference / crash |
| CVE-2023-51393 | 2024-02-23 | Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer |
| CVE-2024-1832 | 2024-02-23 | SourceCodester Complete File Management System Admin Login Form sql injection |
| CVE-2024-1833 | 2024-02-23 | SourceCodester Employee Management System login.php sql injection |
| CVE-2024-1834 | 2024-02-23 | SourceCodester Simple Student Attendance System ?page=attendance&class_id=1 cross site scripting |
| CVE-2024-21423 | 2024-02-23 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2024-27132 | 2024-02-23 | Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. |
| CVE-2024-27133 | 2024-02-23 | Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. |
| CVE-2024-26188 | 2024-02-23 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2024-26192 | 2024-02-23 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2024-22395 | 2024-02-23 | Improper access control vulnerability has been identified in the SMA100... |
| CVE-2024-1810 | 2024-02-24 | The Archivist – Custom Archive Templates plugin for WordPress is... |
| CVE-2024-21502 | 2024-02-24 | Versions of the package fastecdsa before 2.3.2 are vulnerable to... |
| CVE-2024-21501 | 2024-02-24 | Versions of the package sanitize-html before 2.12.1 are vulnerable to... |
| CVE-2023-5775 | 2024-02-24 | The BackWPup plugin for WordPress is vulnerable to Plaintext Storage... |
| CVE-2024-1758 | 2024-02-24 | The SuperFaktura WooCommerce plugin for WordPress is vulnerable to Server-Side... |
| CVE-2024-1710 | 2024-02-24 | The Addon Library plugin for WordPress is vulnerable to unauthorized... |
| CVE-2024-1165 | 2024-02-24 | The Brizy – Page Builder plugin for WordPress is vulnerable... |
| CVE-2024-26600 | 2024-02-24 | phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP |
| CVE-2024-26601 | 2024-02-24 | ext4: regenerate buddy after block freeing failed if under fc replay |
| CVE-2024-26602 | 2024-02-24 | sched/membarrier: reduce the ability to hammer on sys_membarrier |
| CVE-2024-26603 | 2024-02-24 | x86/fpu: Stop relying on userspace for info to fault in xsave buffer |
| CVE-2024-26604 | 2024-02-24 | Revert "kobject: Remove redundant checks for whether ktype is NULL" |
| CVE-2024-26605 | 2024-02-24 | PCI/ASPM: Fix deadlock when enabling ASPM |
| CVE-2023-38359 | 2024-02-24 | IBM Cognos Analytics cross-site scripting |
| CVE-2023-32344 | 2024-02-24 | IBM Cognos Analytics cross-site request forgery |
| CVE-2023-30996 | 2024-02-24 | IBM Cognos Analytics cross-origin resource sharing |
| CVE-2022-34357 | 2024-02-24 | IBM Cognos Analytics Mobile Server denial of service |
| CVE-2023-43051 | 2024-02-24 | IBM Cognos Analytics cross-site scripting |
| CVE-2024-0243 | 2024-02-24 | Server-side Request Forgery In Recursive URL Loader |
| CVE-2024-1871 | 2024-02-24 | SourceCodester Employee Management System Project Assignment Report assignp.php cross site scripting |
| CVE-2024-27350 | 2024-02-25 | Amazon Fire OS 7 before 7.6.6.9 and 8 before 8.1.0.3... |
| CVE-2024-27359 | 2024-02-25 | Certain WithSecure products allow a Denial of Service because the... |
| CVE-2024-0455 | 2024-02-25 | SSRF on AWS deployed instances of AnythingLLM via /metadata |
| CVE-2023-52465 | 2024-02-25 | power: supply: Fix null pointer dereference in smb2_probe |
| CVE-2023-52467 | 2024-02-25 | mfd: syscon: Fix null pointer dereference in of_syscon_register() |
| CVE-2023-52468 | 2024-02-25 | class: fix use-after-free in class_register() |
| CVE-2023-52469 | 2024-02-25 | drivers/amd/pm: fix a use-after-free in kv_parse_power_table |
| CVE-2023-52470 | 2024-02-25 | drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() |
| CVE-2023-52471 | 2024-02-25 | ice: Fix some null pointer dereference issues in ice_ptp.c |
| CVE-2023-52472 | 2024-02-25 | crypto: rsa - add a check for allocation failure |
| CVE-2023-52473 | 2024-02-25 | thermal: core: Fix NULL pointer dereference in zone registration error path |
| CVE-2021-46904 | 2024-02-25 | net: hso: fix null-ptr-deref during tty device unregistration |
| CVE-2021-46905 | 2024-02-25 | net: hso: fix NULL-deref on disconnect regression |
| CVE-2022-48626 | 2024-02-25 | moxart: fix potential use-after-free on remove path |
| CVE-2024-0436 | 2024-02-25 | Prevent timing attack for single-user password check |
| CVE-2024-0798 | 2024-02-25 | Privilege Escalation in mintplex-labs/anything-llm |
| CVE-2024-0435 | 2024-02-25 | User can submit message to self-XSS |
| CVE-2024-0440 | 2024-02-25 | SSRF - file:// unsanitized access to underlying host files |
| CVE-2024-0439 | 2024-02-25 | User can manually send request at manager permission to modify system configurations |
| CVE-2024-1875 | 2024-02-25 | SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted upload |
| CVE-2023-36237 | 2024-02-26 | Cross Site Request Forgery vulnerability in Bagisto before v.1.5.1 allows... |
| CVE-2023-49959 | 2024-02-26 | In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability... |
| CVE-2024-22873 | 2024-02-26 | Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain... |
| CVE-2024-24401 | 2024-02-26 | SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote... |
| CVE-2024-25081 | 2024-02-26 | Splinefont in FontForge through 20230101 allows command injection via crafted... |
| CVE-2024-25082 | 2024-02-26 | Splinefont in FontForge through 20230101 allows command injection via crafted... |
| CVE-2024-25247 | 2024-02-26 | SQL Injection vulnerability in /app/api/controller/Store.php in Niushop B2B2C V5 allows... |
| CVE-2024-25344 | 2024-02-26 | Cross Site Scripting vulnerability in ITFlow.org before commit v.432488eca3998c5be6b6b9e8f8ba01f54bc12378 allows... |
| CVE-2024-25410 | 2024-02-26 | flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with... |
| CVE-2024-25751 | 2024-02-26 | A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0... |
| CVE-2024-25763 | 2024-02-26 | openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c. |
| CVE-2024-25767 | 2024-02-26 | nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c. |
| CVE-2024-25768 | 2024-02-26 | OpenDMARC 1.4.2 contains a null pointer dereference vulnerability in /OpenDMARC/libopendmarc/opendmarc_policy.c. |
| CVE-2024-25770 | 2024-02-26 | libming 0.4.8 contains a memory leak vulnerability in /libming/src/actioncompiler/listaction.c. |
| CVE-2024-26455 | 2024-02-26 | fluent-bit 2.2.2 contains a Use-After-Free vulnerability in /fluent-bit/plugins/custom_calyptia/calyptia.c. |
| CVE-2024-26458 | 2024-02-26 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in... |
| CVE-2024-26461 | 2024-02-26 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability... |
| CVE-2024-26465 | 2024-02-26 | A DOM based cross-site scripting (XSS) vulnerability in the component... |
| CVE-2024-26466 | 2024-02-26 | A DOM based cross-site scripting (XSS) vulnerability in the component... |
| CVE-2024-26467 | 2024-02-26 | A DOM based cross-site scripting (XSS) vulnerability in the component... |
| CVE-2024-26468 | 2024-02-26 | A DOM based cross-site scripting (XSS) vulnerability in the component... |
| CVE-2024-27444 | 2024-02-26 | langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an... |