CVE List - 2024 / March
Showing 2101 - 2200 of 3300 CVEs for March 2024 (Page 22 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-29732 | 2024-03-21 | SQL Injection vulnerability on SCAN_VISIO eDocument Suite Web Viewer from Abast |
| CVE-2023-52620 | 2024-03-21 | netfilter: nf_tables: disallow timeout for anonymous sets |
| CVE-2024-26642 | 2024-03-21 | netfilter: nf_tables: disallow anonymous set with timeout flag |
| CVE-2024-26643 | 2024-03-21 | netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
| CVE-2024-2740 | 2024-03-21 | Exposure of Sensitive Information to an Unauthorized Actor in Planet IGS-4215-16T2S |
| CVE-2024-2741 | 2024-03-21 | Cross-Site Request Forgery in Planet IGS-4215-16T2S |
| CVE-2024-2742 | 2024-03-21 | OS Command Injection in Planet IGS-4215-16T2S |
| CVE-2024-1394 | 2024-03-21 | Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads |
| CVE-2024-28834 | 2024-03-21 | Gnutls: vulnerable to minerva side-channel information leak |
| CVE-2024-2494 | 2024-03-21 | Libvirt: negative g_new0 length can lead to unbounded memory allocation |
| CVE-2024-29870 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29871 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29872 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29873 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29874 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29875 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29876 | 2024-03-21 | SQL injection vulnerability in Sentrifugo |
| CVE-2024-29877 | 2024-03-21 | Cross-Site Scripting (XSS) vulnerability in Sentrifugo |
| CVE-2024-29878 | 2024-03-21 | Cross-Site Scripting (XSS) vulnerability in Sentrifugo |
| CVE-2024-29879 | 2024-03-21 | Cross-Site Scripting (XSS) vulnerability in Sentrifugo |
| CVE-2024-29880 | 2024-03-21 | In JetBrains TeamCity before 2023.11 users with access to the... |
| CVE-2023-47715 | 2024-03-21 | IBM Storage Protect Plus Server improper access control |
| CVE-2024-2463 | 2024-03-21 | Weak password recovery mechanism in CDeX |
| CVE-2024-2464 | 2024-03-21 | Application users enumeration in CDeX |
| CVE-2024-2465 | 2024-03-21 | Open redirection in CDeX |
| CVE-2024-27995 | 2024-03-21 | WordPress ARMember plugin <= 4.0.23 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27994 | 2024-03-21 | WordPress YITH WooCommerce Product Add-Ons plugin <= 4.5.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27993 | 2024-03-21 | WordPress Calendarista Basic Edition plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27992 | 2024-03-21 | WordPress Link Whisper Free plugin <= 0.6.8 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27991 | 2024-03-21 | WordPress SupportCandy plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27990 | 2024-03-21 | WordPress The Moneytizer plugin <= 9.5.20 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27989 | 2024-03-21 | WordPress WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.17 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27988 | 2024-03-21 | WordPress WEN Responsive Columns plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27985 | 2024-03-21 | WordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerability |
| CVE-2024-27970 | 2024-03-21 | WordPress WP SendFox plugin <= 1.3.0 - Broken Access Control vulnerability |
| CVE-2024-27969 | 2024-03-21 | WordPress Free Downloads WooCommerce plugin <= 3.5.8.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27967 | 2024-03-21 | WordPress DSGVO All in one for WP plugin <= 4.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-27966 | 2024-03-21 | WordPress Quiz And Survey Master plugin <= 8.2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-29019 | 2024-03-21 | ESPHome vulnerable to Authentication bypass via Cross site request forgery |
| CVE-2024-27965 | 2024-03-21 | WordPress WPFunnels plugin <= 3.0.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27964 | 2024-03-21 | WordPress Zippy plugin <= 1.6.9 - Arbitrary File Upload vulnerability |
| CVE-2024-27963 | 2024-03-21 | WordPress Crisp – Live Chat and Chatbot plugin <= 0.44 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27962 | 2024-03-21 | WordPress wp-mpdf plugin <= 3.7.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-29180 | 2024-03-21 | webpack-dev-middleware Path Traversal vulnerability |
| CVE-2024-2580 | 2024-03-21 | WordPress Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin <= 2.8.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-2579 | 2024-03-21 | WordPress Tracking Code Manager plugin <= 2.0.16 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-2578 | 2024-03-21 | WordPress WP Coder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27968 | 2024-03-21 | WordPress Super Page Cache for Cloudflare plugin <= 4.7.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability |
| CVE-2024-27956 | 2024-03-21 | WordPress Automatic plugin <= 3.92.0 - Unauthenticated Arbitrary SQL Execution vulnerability |
| CVE-2024-27190 | 2024-03-21 | WordPress Download Media plugin <= 1.4.2 - Broken Access Control vulnerability |
| CVE-2023-49837 | 2024-03-21 | WordPress embed-code plugin <= 2.3.6 - Denial of Service Attack vulnerability |
| CVE-2024-27277 | 2024-03-21 | IBM Storage Protect Plus Server information disclosure |
| CVE-2022-44595 | 2024-03-21 | WordPress WP2FA plugin <= 2.2.0 - Broken Authentication vulnerability |
| CVE-2023-27607 | 2024-03-21 | WordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Settings Change vulnerability |
| CVE-2023-51672 | 2024-03-21 | WordPress FunnelKit Checkout plugin <= 3.10.3 - Unauthenticated Arbitrary Post/Page Deletion vulnerability |
| CVE-2024-25935 | 2024-03-21 | WordPress RegistrationMagic plugin <= 5.2.5.9 - Broken Access Control vulnerability |
| CVE-2024-25922 | 2024-03-21 | WordPress Peach Payments Gateway plugin <= 3.1.9 - Broken Access Control vulnerability |
| CVE-2024-25912 | 2024-03-21 | WordPress MoveTo plugin <= 6.2 - Unauthenticated Arbitrary WordPress Settings Change vulnerability |
| CVE-2024-25908 | 2024-03-21 | WordPress WP Media folder plugin <= 5.7.2 - Subscriber+ Arbitrary Post/Page Modification vulnerability |
| CVE-2022-47604 | 2024-03-21 | WordPress AJAX Thumbnail Rebuild plugin <= 1.13 - Broken Access Control vulnerability |
| CVE-2022-44633 | 2024-03-21 | WordPress YITH WooCommerce Gift Cards Premium plugin <= 3.23.1 - Unauth. Gift Card Creation Leading to Stored XSS vulnerability |
| CVE-2024-24850 | 2024-03-21 | WordPress Quicksand Post Filter jQuery plugin <= 3.1.1 - Broken Access Control vulnerability |
| CVE-2024-25907 | 2024-03-21 | WordPress WP Media folder plugin <= 5.7.2 - Plugin Settings Change vulnerability |
| CVE-2024-24883 | 2024-03-21 | WordPress Prime Slider plugin <= 3.11.10 - Broken Access Control on Duplicate Post vulnerability |
| CVE-2024-1727 | 2024-03-21 | CSRF Vulnerability in gradio-app/gradio |
| CVE-2024-2763 | 2024-03-21 | Tenda AC10U setcfm formSetCfm stack-based overflow |
| CVE-2024-2764 | 2024-03-21 | Tenda AC10U SetPptpServerCfg formSetPPTPServer stack-based overflow |
| CVE-2024-2766 | 2024-03-21 | Campcodes Complete Online Beauty Parlor Management System index.php sql injection |
| CVE-2024-2767 | 2024-03-21 | Campcodes Complete Online Beauty Parlor Management System forgot-password.php sql injection |
| CVE-2024-2768 | 2024-03-21 | Campcodes Complete Online Beauty Parlor Management System edit-services.php sql injection |
| CVE-2024-27921 | 2024-03-21 | Grav File Upload Path Traversal vulnerability |
| CVE-2024-28116 | 2024-03-21 | Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass |
| CVE-2024-28117 | 2024-03-21 | Grav vulnerable to Server Side Template Injection (SSTI) |
| CVE-2024-28118 | 2024-03-21 | Grav vulnerable to Server Side Template Injection (SSTI) |
| CVE-2024-2769 | 2024-03-21 | Campcodes Complete Online Beauty Parlor Management System admin-profile.php sql injection |
| CVE-2024-28119 | 2024-03-21 | Grav vulnerable to Server Side Template Injection (SSTI) via Twig escape handler |
| CVE-2024-28029 | 2024-03-21 | Client-Side Enforcement of Server-Side Security in Delta Electronics DIAEnergie |
| CVE-2024-28891 | 2024-03-21 | Delta Electronics DIAEnergie SQL injection |
| CVE-2024-25937 | 2024-03-21 | Delta Electronics DIAEnergie SQL injection |
| CVE-2024-28863 | 2024-03-21 | node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation |
| CVE-2024-28040 | 2024-03-21 | Delta Electronics DIAEnergie SQL injection |
| CVE-2024-23975 | 2024-03-21 | Delta Electronics DIAEnergie SQL injection |
| CVE-2024-29031 | 2024-03-21 | Meshery SQL Injection vulnerability |
| CVE-2024-23494 | 2024-03-21 | Delta Electronics DIAEnergie SQL injection |
| CVE-2024-28171 | 2024-03-21 | Delta Electronics DIAEnergie Path traversal |
| CVE-2024-25567 | 2024-03-21 | Delta Electronics DIAEnergie Path traversal |
| CVE-2024-28045 | 2024-03-21 | Delta Electronics DIAEnergie Cross-site scripting |
| CVE-2023-42954 | 2024-03-21 | A privilege escalation issue existed in FileMaker Server, potentially exposing... |
| CVE-2024-2770 | 2024-03-21 | Campcodes Complete Online Beauty Parlor Management System contact-us.php sql injection |
| CVE-2024-2773 | 2024-03-21 | Campcodes Online Marriage Registration System search.php cross site scripting |
| CVE-2024-2453 | 2024-03-21 | Advantech WebAccess/SCADA SQL Injection |
| CVE-2024-2774 | 2024-03-21 | Campcodes Online Marriage Registration System search.php sql injection |
| CVE-2024-2775 | 2024-03-21 | Campcodes Online Marriage Registration System user-profile.php cross site scripting |
| CVE-2024-2776 | 2024-03-21 | Campcodes Online Marriage Registration System search.php sql injection |
| CVE-2023-41099 | 2024-03-22 | In the Windows installer in Atos Eviden CardOS API before... |
| CVE-2024-25168 | 2024-03-22 | SQL injection vulnerability in snow snow v.2.0.0 allows a remote... |
| CVE-2024-25807 | 2024-03-22 | Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6, allows remote... |
| CVE-2024-25808 | 2024-03-22 | Cross-site Request Forgery (CSRF) vulnerability in Lychee version 3.1.6, allows... |
| CVE-2024-28441 | 2024-03-22 | File Upload vulnerability in magicflue v.7.0 and before allows a... |
| CVE-2024-28559 | 2024-03-22 | SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows... |