CVE List - 2024 / February
Showing 2201 - 2300 of 2784 CVEs for February 2024 (Page 23 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-27447 | 2024-02-26 | pretix before 2024.1.1 mishandles file validation. |
| CVE-2024-27454 | 2024-02-26 | orjson.loads in orjson before 3.9.15 does not limit recursion for... |
| CVE-2024-27455 | 2024-02-26 | In the Bentley ALIM Web application, certain configuration settings can... |
| CVE-2024-27456 | 2024-02-26 | rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for... |
| CVE-2023-49960 | 2024-02-26 | In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability... |
| CVE-2024-24402 | 2024-02-26 | An issue in Nagios XI 2024R1.01 allows a remote attacker... |
| CVE-2024-24721 | 2024-02-26 | An issue was discovered on Innovaphone PBX before 14r1 devices.... |
| CVE-2024-25248 | 2024-02-26 | SQL Injection vulnerability in the orderGoodsDelivery() function in Niushop B2B2C... |
| CVE-2024-26462 | 2024-02-26 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability... |
| CVE-2024-1876 | 2024-02-26 | SourceCodester Employee Management System psubmit.php sql injection |
| CVE-2024-1877 | 2024-02-26 | SourceCodester Employee Management System cancel.php sql injection |
| CVE-2024-1878 | 2024-02-26 | SourceCodester Employee Management System myprofile.php sql injection |
| CVE-2024-1735 | 2024-02-26 | A vulnerability has been identified in armeria-saml versions less than... |
| CVE-2024-1885 | 2024-02-26 | Remote Code Execution attack on LG Signage |
| CVE-2024-1886 | 2024-02-26 | Absolute path traversal attack on LG Signage |
| CVE-2024-22371 | 2024-02-26 | Apache Camel issue on ExchangeCreatedEvent |
| CVE-2023-49114 | 2024-02-26 | Local Privilege Escalation via DLL Hijacking |
| CVE-2024-0387 | 2024-02-26 | EDS-4000/G4000 Series IP Forwarding Vulnerability |
| CVE-2024-1622 | 2024-02-26 | Routinator terminates when RTR connection is reset too quickly after opening |
| CVE-2024-1889 | 2024-02-26 | Cross-Site Request Forgery vulnerability in SMA Cluster Controller |
| CVE-2024-1890 | 2024-02-26 | Clickjacking vulnerability in Sunny Webbox |
| CVE-2024-26606 | 2024-02-26 | binder: signal epoll threads of self-work |
| CVE-2024-25925 | 2024-02-26 | WordPress WooCommerce Easy Checkout Field Editor, Fees & Discounts Plugin <= 3.5.12 is vulnerable to Arbitrary File Upload |
| CVE-2024-25913 | 2024-02-26 | WordPress MoveTo Plugin <= 6.2 is vulnerable to Arbitrary File Upload |
| CVE-2024-25909 | 2024-02-26 | WordPress WP Media folder Plugin <= 5.7.2 is vulnerable to Arbitrary File Upload |
| CVE-2024-23835 | 2024-02-26 | Suricata's pgsql: memory exhaustion use on record parsing |
| CVE-2024-24714 | 2024-02-26 | WordPress Icons Font Loader Plugin <= 1.1.4 is vulnerable to Arbitrary File Upload |
| CVE-2024-23836 | 2024-02-26 | crafted traffic can cause denial of service |
| CVE-2024-23839 | 2024-02-26 | Suricata http: heap use after free with http.request_header and http.response_header keywords |
| CVE-2024-24568 | 2024-02-26 | Suricata http2: header handling evasion |
| CVE-2024-1436 | 2024-02-26 | WordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data Exposure |
| CVE-2024-23605 | 2024-02-26 | A heap-based buffer overflow vulnerability exists in the GGUF library... |
| CVE-2024-21836 | 2024-02-26 | A heap-based buffer overflow vulnerability exists in the GGUF library... |
| CVE-2024-21802 | 2024-02-26 | A heap-based buffer overflow vulnerability exists in the GGUF library... |
| CVE-2024-23496 | 2024-02-26 | A heap-based buffer overflow vulnerability exists in the GGUF library... |
| CVE-2024-21825 | 2024-02-26 | A heap-based buffer overflow vulnerability exists in the GGUF library... |
| CVE-2024-22201 | 2024-02-26 | Jetty connection leaking on idle timeout when TCP congested |
| CVE-2024-23837 | 2024-02-26 | LibHTP unbounded folded header handling leads to denial service |
| CVE-2024-27081 | 2024-02-26 | ESPHome remote code execution via arbitrary file write |
| CVE-2024-27087 | 2024-02-26 | Kirby cross-site scripting (XSS) in the link field "Custom" type |
| CVE-2024-27088 | 2024-02-26 | es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens` |
| CVE-2019-25160 | 2024-02-26 | netlabel: fix out-of-bounds memory accesses |
| CVE-2019-25162 | 2024-02-26 | i2c: Fix a potential use after free |
| CVE-2020-36775 | 2024-02-26 | f2fs: fix to avoid potential deadlock |
| CVE-2021-46906 | 2024-02-26 | HID: usbhid: fix info leak in hid_submit_ctrl |
| CVE-2023-52474 | 2024-02-26 | IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests |
| CVE-2024-1899 | 2024-02-26 | Showdownjs Denial of Service |
| CVE-2024-27092 | 2024-02-26 | Content spoofing - real Hoppscotch emails |
| CVE-2024-26149 | 2024-02-26 | Vyper _abi_decode Memory Overflow |
| CVE-2024-24564 | 2024-02-26 | Vyper extract32 can ready dirty memory |
| CVE-2024-27093 | 2024-02-26 | Minder trusts client-provided mapping from repo name to upstream ID |
| CVE-2023-41506 | 2024-02-27 | An arbitrary file upload vulnerability in the Update/Edit Student's Profile... |
| CVE-2024-22543 | 2024-02-27 | An issue was discovered in Linksys Router E1700 1.0.04 (build... |
| CVE-2024-22544 | 2024-02-27 | An issue was discovered in Linksys Router E1700 version 1.0.04... |
| CVE-2024-22917 | 2024-02-27 | SQL injection vulnerability in Dynamic Lab Management System Project in... |
| CVE-2024-24027 | 2024-02-27 | SQL Injection vulnerability in Likeshop before 2.5.7 allows attackers to... |
| CVE-2024-24095 | 2024-02-27 | Code-projects Simple Stock System 1.0 is vulnerable to SQL Injection. |
| CVE-2024-24096 | 2024-02-27 | Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection... |
| CVE-2024-24099 | 2024-02-27 | Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection... |
| CVE-2024-24323 | 2024-02-27 | SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote... |
| CVE-2024-25166 | 2024-02-27 | Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote... |
| CVE-2024-25398 | 2024-02-27 | In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially... |
| CVE-2024-25399 | 2024-02-27 | Subrion CMS 4.2.1 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2024-25723 | 2024-02-27 | ZenML Server in the ZenML machine learning package before 0.46.7... |
| CVE-2024-25840 | 2024-02-27 | In the module "Account Manager | Sales Representative & Dealers... |
| CVE-2024-25841 | 2024-02-27 | In the module "So Flexibilite" (soflexibilite) from Common-Services for PrestaShop... |
| CVE-2024-25843 | 2024-02-27 | In the module "Import/Update Bulk Product from any Csv/Excel File... |
| CVE-2024-25846 | 2024-02-27 | In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <=... |
| CVE-2024-26470 | 2024-02-27 | A host header injection vulnerability in the forgot password function... |
| CVE-2024-26471 | 2024-02-27 | A reflected cross-site scripting (XSS) vulnerability in zhimengzhe iBarn v1.5... |
| CVE-2024-26472 | 2024-02-27 | KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site... |
| CVE-2024-26473 | 2024-02-27 | A reflected cross-site scripting (XSS) vulnerability in SocialMediaWebsite v1.0.1 allows... |
| CVE-2024-26542 | 2024-02-27 | Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. and fixed... |
| CVE-2024-27507 | 2024-02-27 | libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp. |
| CVE-2024-27508 | 2024-02-27 | Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c. |
| CVE-2024-24100 | 2024-02-27 | Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection... |
| CVE-2024-24720 | 2024-02-27 | An issue was discovered in the Forgot password function in... |
| CVE-2024-25400 | 2024-02-27 | Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php.... |
| CVE-2024-27356 | 2024-02-27 | An issue was discovered on certain GL-iNet devices. Attackers can... |
| CVE-2023-7033 | 2024-02-27 | Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric... |
| CVE-2024-1323 | 2024-02-27 | The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable... |
| CVE-2024-0759 | 2024-02-27 | Collection of internally resolving IPs |
| CVE-2024-1686 | 2024-02-27 | The Thank You Page Customizer for WooCommerce – Increase Your... |
| CVE-2024-1687 | 2024-02-27 | The Thank You Page Customizer for WooCommerce – Increase Your... |
| CVE-2024-1698 | 2024-02-27 | The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup... |
| CVE-2021-46908 | 2024-02-27 | bpf: Use correct permission flag for mixed signed bounds arithmetic |
| CVE-2021-46909 | 2024-02-27 | ARM: footbridge: fix PCI interrupt mapping |
| CVE-2021-46910 | 2024-02-27 | ARM: 9063/1: mm: reduce maximum number of CPUs if DEBUG_KMAP_LOCAL is enabled |
| CVE-2021-46911 | 2024-02-27 | ch_ktls: Fix kernel panic |
| CVE-2021-46912 | 2024-02-27 | net: Make tcp_allowed_congestion_control readonly in non-init netns |
| CVE-2021-46913 | 2024-02-27 | netfilter: nftables: clone set element expression template |
| CVE-2021-46914 | 2024-02-27 | ixgbe: fix unbalanced device enable/disable in suspend/resume |
| CVE-2021-46915 | 2024-02-27 | netfilter: nft_limit: avoid possible divide error in nft_limit_init |
| CVE-2021-46916 | 2024-02-27 | ixgbe: Fix NULL pointer dereference in ethtool loopback test |
| CVE-2021-46917 | 2024-02-27 | dmaengine: idxd: fix wq cleanup of WQCFG registers |
| CVE-2021-46918 | 2024-02-27 | dmaengine: idxd: clear MSIX permission entry on shutdown |
| CVE-2021-46919 | 2024-02-27 | dmaengine: idxd: fix wq size store permission state |
| CVE-2021-46920 | 2024-02-27 | dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback |
| CVE-2023-50379 | 2024-02-27 | Apache Ambari: authenticated users could perform command injection to perform RCE |
| CVE-2023-7202 | 2024-02-27 | Fatal Error Notify < 1.5.3 - Subscriber+ Test Error Email Sending |