CVE List - 2024 / March
Showing 1301 - 1400 of 3300 CVEs for March 2024 (Page 14 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-2242 | 2024-03-13 | The Contact Form 7 plugin for WordPress is vulnerable to... |
| CVE-2024-28251 | 2024-03-13 | Cross-site websocket hijacking in Querybook |
| CVE-2023-50677 | 2024-03-14 | An issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a remote attacker to... |
| CVE-2024-25139 | 2024-03-14 | In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd... |
| CVE-2024-25228 | 2024-03-14 | Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to... |
| CVE-2024-25649 | 2024-03-14 | In Delinea PAM Secret Server 11.4, it is possible for... |
| CVE-2024-25650 | 2024-03-14 | Insecure key exchange between Delinea PAM Secret Server 11.4 and... |
| CVE-2024-25651 | 2024-03-14 | User enumeration can occur in the Authentication REST API in... |
| CVE-2024-25653 | 2024-03-14 | Broken Access Control in the Report functionality of Delinea PAM... |
| CVE-2024-26503 | 2024-03-14 | Unrestricted File Upload vulnerability in Greek Universities Network Open eClass... |
| CVE-2024-28323 | 2024-03-14 | The bwdates-report-result.php file in Phpgurukul User Registration & Login and... |
| CVE-2024-28383 | 2024-03-14 | Tenda AX12 v1.0 v22.03.01.16 was discovered to contain a stack... |
| CVE-2024-28388 | 2024-03-14 | SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5... |
| CVE-2024-28390 | 2024-03-14 | An issue in Advanced Plugins ultimateimagetool module for PrestaShop before... |
| CVE-2024-28417 | 2024-03-14 | Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php. |
| CVE-2024-28418 | 2024-03-14 | Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php |
| CVE-2024-28423 | 2024-03-14 | Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload... |
| CVE-2024-28425 | 2024-03-14 | greykite v1.0.0 was discovered to contain an arbitrary file upload... |
| CVE-2023-42286 | 2024-03-14 | There is a PHP file inclusion vulnerability in the template... |
| CVE-2024-25652 | 2024-03-14 | In Delinea PAM Secret Server 11.4, it is possible for... |
| CVE-2024-26475 | 2024-03-14 | An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed... |
| CVE-2024-28391 | 2024-03-14 | SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop... |
| CVE-2024-28424 | 2024-03-14 | zenml v0.55.4 was discovered to contain an arbitrary file upload... |
| CVE-2024-1221 | 2024-03-14 | Improper access controls on APIs on Linux and macOS in PaperCut NG/MF |
| CVE-2024-1222 | 2024-03-14 | Incorrect authorization controls in PaperCut NG/MF APIs |
| CVE-2024-1223 | 2024-03-14 | Improper authorization controls in PaperCut NG/MF |
| CVE-2024-1654 | 2024-03-14 | Unauthorized write operations in PaperCut NG/MF |
| CVE-2024-1882 | 2024-03-14 | Server-side resource injection in PaperCut NG/MF |
| CVE-2024-1883 | 2024-03-14 | Reflected XSS in PaperCut NG/MF |
| CVE-2024-1884 | 2024-03-14 | Server Side Request Forgery in PaperCut NG/MF |
| CVE-2024-22396 | 2024-03-14 | An Integer-based buffer overflow vulnerability in the SonicOS via IPSec... |
| CVE-2024-22397 | 2024-03-14 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... |
| CVE-2024-22398 | 2024-03-14 | An improper Limitation of a Pathname to a Restricted Directory... |
| CVE-2024-27986 | 2024-03-14 | WordPress Livemesh Addons for Elementor Plugin <= 8.3.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2024-28746 | 2024-03-14 | Apache Airflow: Ignored Airflow Permissions |
| CVE-2024-0311 | 2024-03-14 | A malicious insider can bypass the existing policy of Skyhigh... |
| CVE-2024-0312 | 2024-03-14 | A malicious insider can uninstall Skyhigh Client Proxy without a... |
| CVE-2024-0313 | 2024-03-14 | A malicious insider exploiting this vulnerability can circumvent existing security... |
| CVE-2024-1623 | 2024-03-14 | Insufficient session timeout vulnerability in Sagemcom router |
| CVE-2024-25156 | 2024-03-14 | Path traversal in GoAnywhere MFT 7.4.1 and Earlier |
| CVE-2023-50168 | 2024-03-14 | Pega Platform from 6.x to 8.8.4 is affected by an... |
| CVE-2023-43490 | 2024-03-14 | Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R)... |
| CVE-2023-32666 | 2024-03-14 | On-chip debug and test interface with improper access control in... |
| CVE-2023-38575 | 2024-03-14 | Non-transparent sharing of return predictor targets between contexts in some... |
| CVE-2023-39368 | 2024-03-14 | Protection mechanism failure of bus lock regulator for some Intel(R)... |
| CVE-2023-22655 | 2024-03-14 | Protection mechanism failure in some 3rd and 4th Generation Intel(R)... |
| CVE-2023-32282 | 2024-03-14 | Race condition in BIOS firmware for some Intel(R) Processors may... |
| CVE-2023-35191 | 2024-03-14 | Uncontrolled resource consumption for some Intel(R) SPS firmware versions may... |
| CVE-2023-28389 | 2024-03-14 | Incorrect default permissions in some Intel(R) CSME installer software before... |
| CVE-2023-32633 | 2024-03-14 | Improper input validation in the Intel(R) CSME installer software before... |
| CVE-2023-27502 | 2024-03-14 | Insertion of sensitive information into log file for some Intel(R)... |
| CVE-2023-28746 | 2024-03-14 | Information exposure through microarchitectural state after transient execution from some... |
| CVE-2024-28849 | 2024-03-14 | Proxy-Authorization header kept across hosts in follow-redirects |
| CVE-2024-28181 | 2024-03-14 | Arbitrary method invocation turbo_boost-commands |
| CVE-2023-42938 | 2024-03-14 | A logic issue was addressed with improved checks. This issue... |
| CVE-2024-27266 | 2024-03-14 | IBM Maximo Application Suite XML external entity injection |
| CVE-2024-27301 | 2024-03-14 | Privilege Escalation Abusing installer in SupportApp |
| CVE-2024-27265 | 2024-03-14 | IBM Integration Bus for z/OS cross-site request forgery |
| CVE-2024-22346 | 2024-03-14 | IBM i privilege escalation |
| CVE-2024-24770 | 2024-03-14 | Username timing attack on recover password/MFA token in vantage6 |
| CVE-2024-23823 | 2024-03-14 | CORS settings overly permissive in vantage6 |
| CVE-2024-24562 | 2024-03-14 | Security headers not set in vantage6-UI |
| CVE-2024-1713 | 2024-03-14 | Plv8 Deferred Trigger Privilege Escalation |
| CVE-2024-2256 | 2024-03-14 | The oik plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2024-0860 | 2024-03-14 | Cleartext Transmission of Sensitive Information in Softing edgeConnector and edgeAggregator |
| CVE-2024-2249 | 2024-03-14 | The LA-Studio Element Kit for Elementor plugin for WordPress is... |
| CVE-2024-26163 | 2024-03-14 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2024-26246 | 2024-03-14 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2024-1853 | 2024-03-14 | Zemana AntiLogger v2.74.204.664 - Arbitrary Process Termination |
| CVE-2024-0802 | 2024-03-14 | Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series... |
| CVE-2024-0803 | 2024-03-14 | Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q... |
| CVE-2024-26540 | 2024-03-15 | A heap-based buffer overflow in Clmg before 3.3.3 can occur... |
| CVE-2024-27351 | 2024-03-15 | In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0... |
| CVE-2024-27756 | 2024-03-15 | GLPI through 10.0.12 allows CSV injection by an attacker who... |
| CVE-2024-28318 | 2024-03-15 | gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain a out of boundary... |
| CVE-2024-28353 | 2024-03-15 | There is a command injection vulnerability in the TRENDnet TEW-827DRU... |
| CVE-2024-28354 | 2024-03-15 | There is a command injection vulnerability in the TRENDnet TEW-827DRU... |
| CVE-2024-28404 | 2024-03-15 | TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS)... |
| CVE-2024-25227 | 2024-03-15 | SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers... |
| CVE-2024-26454 | 2024-03-15 | A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can... |
| CVE-2024-28319 | 2024-03-15 | gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary... |
| CVE-2024-28401 | 2024-03-15 | TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS)... |
| CVE-2024-28403 | 2024-03-15 | TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting... |
| CVE-2024-1915 | 2024-03-15 | Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series... |
| CVE-2024-1916 | 2024-03-15 | Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q... |
| CVE-2024-1917 | 2024-03-15 | Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q... |
| CVE-2024-2180 | 2024-03-15 | Zemana AntiLogger v2.74.204.664 - Kernel Memory Leak |
| CVE-2024-2204 | 2024-03-15 | Zemana AntiLogger v2.74.204.664 - Denial of Service (DoS) |
| CVE-2024-2478 | 2024-03-15 | BradWenqiang HR Background Management register selectAll sql injection |
| CVE-2024-2479 | 2024-03-15 | MHA Sistemas arMHAzena Cadastro Page cross site scripting |
| CVE-2024-2480 | 2024-03-15 | MHA Sistemas arMHAzena Executa Page sql injection |
| CVE-2024-2481 | 2024-03-15 | Surya2Developer Hostel Management System manage-students.php access control |
| CVE-2024-2482 | 2024-03-15 | Surya2Developer Hostel Management Service HTTP POST Request check_availability.php observable response discrepancy |
| CVE-2024-1796 | 2024-03-15 | The HUSKY – Products Filter for WooCommerce Professional plugin for... |
| CVE-2024-2399 | 2024-03-15 | The Premium Addons PRO plugin for WordPress is vulnerable to... |
| CVE-2024-1795 | 2024-03-15 | The HUSKY – Products Filter for WooCommerce Professional plugin for... |
| CVE-2024-2483 | 2024-03-15 | Surya2Developer Hostel Management Service Password Change change-password.php cross-site request forgery |
| CVE-2024-2485 | 2024-03-15 | Tenda AC18 SetSpeedWan formSetSpeedWan stack-based overflow |
| CVE-2024-2486 | 2024-03-15 | Tenda AC18 QuickIndex formQuickIndex stack-based overflow |
| CVE-2024-2487 | 2024-03-15 | Tenda AC18 SetOnlineDevName formSetDeviceName stack-based overflow |