CVE List - 2024 / March
Showing 401 - 500 of 3300 CVEs for March 2024 (Page 5 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-45591 | 2024-03-05 | A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function... |
| CVE-2023-45592 | 2024-03-05 | A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded... |
| CVE-2023-45593 | 2024-03-05 | A CWE-184 “Incomplete List of Disallowed Inputs” vulnerability in the... |
| CVE-2023-45594 | 2024-03-05 | A CWE-552 “Files or Directories Accessible to External Parties” vulnerability... |
| CVE-2023-45595 | 2024-03-05 | A CWE-434 “Unrestricted Upload of File with Dangerous Type” vulnerability... |
| CVE-2023-45596 | 2024-03-05 | A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “file_configuration”... |
| CVE-2023-45597 | 2024-03-05 | A CWE-1236 “Improper Neutralization of Formula Elements in a CSV... |
| CVE-2023-45598 | 2024-03-05 | A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure”... |
| CVE-2023-45599 | 2024-03-05 | A CWE-646 “Reliance on File Name or Extension of Externally-Supplied... |
| CVE-2023-45600 | 2024-03-05 | A CWE-613 “Insufficient Session Expiration” vulnerability in the web application,... |
| CVE-2024-2188 | 2024-03-05 | Cross-Site Scripting vulnerability in TP-Link Archer AX50 |
| CVE-2023-7103 | 2024-03-05 | Authentication Bypass in ZKSoftware's UFace 5 |
| CVE-2024-1202 | 2024-03-05 | Authentication Bypass in XPodas' Octopod |
| CVE-2024-27929 | 2024-03-05 | Use After Free in SixLabors.ImageSharp |
| CVE-2024-27931 | 2024-03-05 | Insufficient permission checking in `Deno.makeTemp*` APIs |
| CVE-2024-22252 | 2024-03-05 | Use-after-free vulnerability |
| CVE-2024-22253 | 2024-03-05 | Use-after-free vulnerability |
| CVE-2024-22254 | 2024-03-05 | Out-of-bounds write vulnerability |
| CVE-2024-22255 | 2024-03-05 | Information disclosure vulnerability |
| CVE-2024-22352 | 2024-03-05 | IBM InfoSphere Information Server information disclosure |
| CVE-2024-2005 | 2024-03-05 | SAML implementation allows privilege escalation |
| CVE-2023-35899 | 2024-03-05 | IBM Cloud Pak for Automation CSV injection |
| CVE-2024-2053 | 2024-03-05 | Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability |
| CVE-2024-2054 | 2024-03-05 | Artica Proxy Unauthenticated PHP Deserialization Vulnerability |
| CVE-2024-2055 | 2024-03-05 | Artica Proxy Unauthenticated File Manager Vulnerability |
| CVE-2024-2056 | 2024-03-05 | Artica Proxy Loopback Services Remotely Accessible Unauthenticated |
| CVE-2024-23256 | 2024-03-05 | A logic issue was addressed with improved state management. This... |
| CVE-2024-23225 | 2024-03-05 | A memory corruption issue was addressed with improved validation. This... |
| CVE-2024-23296 | 2024-03-05 | A memory corruption issue was addressed with improved validation. This... |
| CVE-2024-23243 | 2024-03-05 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-26282 | 2024-03-05 | IBM Watson CP4D Data Stores file modificiation |
| CVE-2023-25681 | 2024-03-05 | IBM Spectrum Virtualize security bypass |
| CVE-2022-22399 | 2024-03-05 | IBM Aspera Faspex HTTP header injection |
| CVE-2024-1356 | 2024-03-05 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2024-25611 | 2024-03-05 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2024-25612 | 2024-03-05 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2024-25613 | 2024-03-05 | Authenticated command injection vulnerabilities exist in the ArubaOS command line... |
| CVE-2024-25614 | 2024-03-05 | There is an arbitrary file deletion vulnerability in the CLI... |
| CVE-2024-25615 | 2024-03-05 | An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service... |
| CVE-2024-25616 | 2024-03-05 | Aruba has identified certain configurations of ArubaOS that can lead... |
| CVE-2024-2179 | 2024-03-05 | Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type |
| CVE-2024-1901 | 2024-03-05 | Denial of service in PAM password rotation during the check-in... |
| CVE-2024-1900 | 2024-03-05 | Improper session management in the identity provider authentication flow in... |
| CVE-2024-1898 | 2024-03-05 | Improper access control in the notification feature in Devolutions Server... |
| CVE-2024-1764 | 2024-03-05 | Improper privilege management in Just-in-time (JIT) elevation module in Devolutions... |
| CVE-2024-24783 | 2024-03-05 | Verify panics on certificates with an unknown public key algorithm in crypto/x509 |
| CVE-2023-45290 | 2024-03-05 | Memory exhaustion in multipart form parsing in net/textproto and net/http |
| CVE-2023-45289 | 2024-03-05 | Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http |
| CVE-2024-24784 | 2024-03-05 | Comments in display names are incorrectly handled in net/mail |
| CVE-2024-24785 | 2024-03-05 | Errors returned from JSON marshaling may break template escaping in html/template |
| CVE-2024-24786 | 2024-03-05 | Infinite loop in JSON unmarshaling in google.golang.org/protobuf |
| CVE-2024-27278 | 2024-03-05 | OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting... |
| CVE-2020-26942 | 2024-03-06 | An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27... |
| CVE-2023-33677 | 2024-03-06 | Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable... |
| CVE-2023-38825 | 2024-03-06 | SQL injection vulnerability in Vanderbilt REDCap before v.13.8.0 allows a... |
| CVE-2023-38945 | 2024-03-06 | Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and V12.03.01.09_pt,... |
| CVE-2023-38946 | 2024-03-06 | An issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01 allows... |
| CVE-2023-49971 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in Customer Support System v1... |
| CVE-2023-49973 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in Customer Support System v1... |
| CVE-2023-49974 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in Customer Support System v1... |
| CVE-2023-49976 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in Customer Support System v1... |
| CVE-2023-49977 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in Customer Support System v1... |
| CVE-2023-49978 | 2024-03-06 | Incorrect access control in Customer Support System v1 allows non-administrator... |
| CVE-2023-49979 | 2024-03-06 | A directory listing vulnerability in Customer Support System v1 allows... |
| CVE-2023-49980 | 2024-03-06 | A directory listing vulnerability in Best Student Result Management System... |
| CVE-2023-49981 | 2024-03-06 | A directory listing vulnerability in School Fees Management System v1.0... |
| CVE-2023-49982 | 2024-03-06 | Broken access control in the component /admin/management/users of School Fees... |
| CVE-2023-49983 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in the component /management/class of... |
| CVE-2023-49984 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in the component /management/settings of... |
| CVE-2023-49985 | 2024-03-06 | A cross-site scripting (XSS) vulnerability in the component /management/class of... |
| CVE-2024-25359 | 2024-03-06 | An issue in zuoxingdong lagom v.0.1.2 allows a local attacker... |
| CVE-2024-1220 | 2024-03-06 | NPort W2150A/W2250A Series Web Server Stack-based Buffer Overflow Vulnerability |
| CVE-2024-1760 | 2024-03-06 | The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin... |
| CVE-2024-1771 | 2024-03-06 | The Total theme for WordPress is vulnerable to unauthorized modification... |
| CVE-2024-1989 | 2024-03-06 | The Social Sharing Plugin – Sassy Social Share plugin for... |
| CVE-2023-52583 | 2024-03-06 | ceph: fix deadlock or deadcode of misusing dget() |
| CVE-2023-52584 | 2024-03-06 | spmi: mediatek: Fix UAF on device remove |
| CVE-2023-52585 | 2024-03-06 | drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() |
| CVE-2023-52586 | 2024-03-06 | drm/msm/dpu: Add mutex lock in control vblank irq |
| CVE-2023-52587 | 2024-03-06 | IB/ipoib: Fix mcast list locking |
| CVE-2023-52588 | 2024-03-06 | f2fs: fix to tag gcing flag on page during block migration |
| CVE-2023-52589 | 2024-03-06 | media: rkisp1: Fix IRQ disable race issue |
| CVE-2023-52590 | 2024-03-06 | ocfs2: Avoid touching renamed directory if parent does not change |
| CVE-2023-52591 | 2024-03-06 | reiserfs: Avoid touching renamed directory if parent does not change |
| CVE-2023-52593 | 2024-03-06 | wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() |
| CVE-2023-52594 | 2024-03-06 | wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() |
| CVE-2023-52595 | 2024-03-06 | wifi: rt2x00: restart beacon queue when hardware reset |
| CVE-2023-52596 | 2024-03-06 | sysctl: Fix out of bounds access for empty sysctl registers |
| CVE-2023-52597 | 2024-03-06 | KVM: s390: fix setting of fpc register |
| CVE-2023-52598 | 2024-03-06 | s390/ptrace: handle setting of fpc register correctly |
| CVE-2023-52599 | 2024-03-06 | jfs: fix array-index-out-of-bounds in diNewExt |
| CVE-2023-52600 | 2024-03-06 | jfs: fix uaf in jfs_evict_inode |
| CVE-2023-52601 | 2024-03-06 | jfs: fix array-index-out-of-bounds in dbAdjTree |
| CVE-2023-52602 | 2024-03-06 | jfs: fix slab-out-of-bounds Read in dtSearch |
| CVE-2023-52603 | 2024-03-06 | UBSAN: array-index-out-of-bounds in dtSplitRoot |
| CVE-2023-52604 | 2024-03-06 | FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree |
| CVE-2023-52606 | 2024-03-06 | powerpc/lib: Validate size for vector operations |
| CVE-2023-52607 | 2024-03-06 | powerpc/mm: Fix null-pointer dereference in pgtable_cache_add |
| CVE-2024-26623 | 2024-03-06 | pds_core: Prevent race issues involving the adminq |
| CVE-2024-26625 | 2024-03-06 | llc: call sock_orphan() at release time |