CVE List - 2024 / February
Showing 2701 - 2784 of 2784 CVEs for February 2024 (Page 28 of 28)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-52484 | 2024-02-29 | iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range |
| CVE-2024-25093 | 2024-02-29 | WordPress GD Rating System Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-25094 | 2024-02-29 | WordPress PJ News Ticker Plugin <= 1.9.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-25098 | 2024-02-29 | WordPress PB oEmbed HTML5 Audio Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-25594 | 2024-02-29 | WordPress MyWaze Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-1982 | 2024-02-29 | The Migration, Backup, Staging – WPvivid plugin for WordPress is... |
| CVE-2024-1978 | 2024-02-29 | The Friends plugin for WordPress is vulnerable to Server-Side Request... |
| CVE-2024-1981 | 2024-02-29 | The Migration, Backup, Staging – WPvivid plugin for WordPress is... |
| CVE-2024-23493 | 2024-02-29 | Team associated AD/LDAP Groups Leaked due to missing authorization |
| CVE-2024-23488 | 2024-02-29 | Files of archived channels accessible with the “Allow users to view archived channels” option disabled |
| CVE-2024-1887 | 2024-02-29 | Public channel post content accessible without membership when compliance export is enabled |
| CVE-2024-24988 | 2024-02-29 | Excessive resource consumption when sending long emoji names in user custom status |
| CVE-2024-1888 | 2024-02-29 | Existing server guests invited to the team by members without "invite_guest" permission |
| CVE-2024-1619 | 2024-02-29 | Kaspersky has fixed a security issue in the Kaspersky Security... |
| CVE-2024-1942 | 2024-02-29 | Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0... |
| CVE-2024-1949 | 2024-02-29 | A race condition in Mattermost versions 8.1.x before 8.1.9, and... |
| CVE-2024-1952 | 2024-02-29 | Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated... |
| CVE-2024-1953 | 2024-02-29 | Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and... |
| CVE-2024-27906 | 2024-02-29 | Apache Airflow: Dag Code and Import Error Permissions Ignored |
| CVE-2024-26607 | 2024-02-29 | drm/bridge: sii902x: Fix probing race issue |
| CVE-2024-0864 | 2024-02-29 | RCE in Laragon |
| CVE-2024-2001 | 2024-02-29 | Cross-Site Scripting vulnerability in Cockpit CMS |
| CVE-2023-52485 | 2024-02-29 | drm/amd/display: Wake DMCUB before sending a command |
| CVE-2024-24818 | 2024-02-29 | EspoCRM weakness in "Forgot password" |
| CVE-2023-52486 | 2024-02-29 | drm: Don't unref the same fb many times by mistake due to deadlock handling |
| CVE-2023-52487 | 2024-02-29 | net/mlx5e: Fix peer flow lists handling |
| CVE-2023-52488 | 2024-02-29 | serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO |
| CVE-2023-52489 | 2024-02-29 | mm/sparsemem: fix race in accessing memory_section->usage |
| CVE-2023-52490 | 2024-02-29 | mm: migrate: fix getting incorrect page mapping during page migration |
| CVE-2023-52491 | 2024-02-29 | media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run |
| CVE-2023-52492 | 2024-02-29 | dmaengine: fix NULL pointer in channel unregistration function |
| CVE-2023-52493 | 2024-02-29 | bus: mhi: host: Drop chan lock before queuing buffers |
| CVE-2023-52494 | 2024-02-29 | bus: mhi: host: Add alignment check for event ring read pointer |
| CVE-2023-52495 | 2024-02-29 | soc: qcom: pmic_glink_altmode: fix port sanity check |
| CVE-2023-52497 | 2024-02-29 | erofs: fix lz4 inplace decompression |
| CVE-2023-52498 | 2024-02-29 | PM: sleep: Fix possible deadlocks in core system-wide PM code |
| CVE-2024-26608 | 2024-02-29 | ksmbd: fix global oob in ksmbd_nl_policy |
| CVE-2024-26610 | 2024-02-29 | wifi: iwlwifi: fix a memory corruption |
| CVE-2024-26611 | 2024-02-29 | xsk: fix usage of multi-buffer BPF helpers for ZC XDP |
| CVE-2024-26612 | 2024-02-29 | netfs, fscache: Prevent Oops in fscache_put_cache() |
| CVE-2024-26614 | 2024-02-29 | tcp: make sure init the accept_queue's spinlocks once |
| CVE-2024-26615 | 2024-02-29 | net/smc: fix illegal rmb_desc access in SMC-D connection dump |
| CVE-2024-26616 | 2024-02-29 | btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned |
| CVE-2024-26617 | 2024-02-29 | fs/proc/task_mmu: move mmu notification mechanism inside mm lock |
| CVE-2024-26618 | 2024-02-29 | arm64/sme: Always exit sme_alloc() early with existing storage |
| CVE-2024-26619 | 2024-02-29 | riscv: Fix module loading free order |
| CVE-2024-26620 | 2024-02-29 | s390/vfio-ap: always filter entire AP matrix |
| CVE-2024-20765 | 2024-02-29 | ZDI-CAN-22674: Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-6132 | 2024-02-29 | AVEVA Edge products Uncontrolled Search Path Element |
| CVE-2024-27094 | 2024-02-29 | OpenZeppelin Contracts base64 encoding may read from potentially dirty memory |
| CVE-2024-1908 | 2024-02-29 | Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation |
| CVE-2024-2007 | 2024-02-29 | OpenBMB XAgent Privileged Mode sandbox |
| CVE-2024-2009 | 2024-02-29 | Nway Pro Argument index.php ajax_login_submit_form information exposure |
| CVE-2024-1595 | 2024-02-29 | Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Element |
| CVE-2024-0068 | 2024-02-29 | Improper Link Resolution Before File Access ('Link Following') vulnerability in... |
| CVE-2024-26196 | 2024-02-29 | Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability |
| CVE-2024-2014 | 2024-02-29 | Panabit Panalog sprog_upstatus.php sql injection |
| CVE-2024-2015 | 2024-02-29 | ZhiCms mcontroller.php getindexdata sql injection |
| CVE-2024-2016 | 2024-02-29 | ZhiCms setcontroller.php index code injection |
| CVE-2024-27290 | 2024-02-29 | Docassemble HTML and javascript injection |
| CVE-2024-27291 | 2024-02-29 | Docassemble open redirect |
| CVE-2024-27292 | 2024-02-29 | Docassemble unauthorized access through URL manipulation |
| CVE-2021-46959 | 2024-02-29 | spi: Fix use-after-free with devm_spi_alloc_* |
| CVE-2021-47016 | 2024-02-29 | m68k: mvme147,mvme16x: Don't wipe PCC timer config bits |
| CVE-2021-47020 | 2024-02-29 | soundwire: stream: fix memory leak in stream config error path |
| CVE-2021-47054 | 2024-02-29 | bus: qcom: Put child node before return |
| CVE-2021-47055 | 2024-02-29 | mtd: require write permissions for locking and badblock ioctls |
| CVE-2021-47056 | 2024-02-29 | crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init |
| CVE-2021-47057 | 2024-02-29 | crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map |
| CVE-2021-47058 | 2024-02-29 | regmap: set debugfs_name to NULL after it is freed |
| CVE-2021-47059 | 2024-02-29 | crypto: sun8i-ss - fix result memory leak on error path |
| CVE-2021-47060 | 2024-02-29 | KVM: Stop looking for coalesced MMIO zones if the bus is destroyed |
| CVE-2021-47061 | 2024-02-29 | KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU |
| CVE-2021-47062 | 2024-02-29 | KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs |
| CVE-2021-47063 | 2024-02-29 | drm: bridge/panel: Cleanup connector on bridge detach |
| CVE-2021-47064 | 2024-02-29 | mt76: fix potential DMA mapping leak |
| CVE-2021-47065 | 2024-02-29 | rtw88: Fix array overrun in rtw_get_tx_power_params() |
| CVE-2021-47066 | 2024-02-29 | async_xor: increase src_offs when dropping destination page |
| CVE-2021-47067 | 2024-02-29 | soc/tegra: regulators: Fix locking up when voltage-spread is out of range |
| CVE-2021-47068 | 2024-02-29 | net/nfc: fix use-after-free llcp_sock_bind/connect |
| CVE-2024-27294 | 2024-02-29 | dp-golang Go installation could be owned by wrong user |
| CVE-2024-2021 | 2024-02-29 | Netentsec NS-ASG Application Security Gateway list_localuser.php sql injection |
| CVE-2024-0403 | 2024-02-29 | Recipes 1.5.10 - Blind SSRF |
| CVE-2024-2045 | 2024-02-29 | Session 1.17.5 - LFR via chat attachment |