CVE List - 2024 / March
Showing 3001 - 3100 of 3300 CVEs for March 2024 (Page 31 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-6371 | 2024-03-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2023-52628 | 2024-03-28 | netfilter: nftables: exthdr: fix 4-byte stack OOB write |
| CVE-2024-30421 | 2024-03-28 | WordPress Events Manager plugin <= 6.4.7.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-30422 | 2024-03-28 | WordPress Elementor Addon Elements plugin <= 1.13.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27775 | 2024-03-28 | SysAid - CWE-918: Server-Side Request Forgery (SSRF) |
| CVE-2024-29896 | 2024-03-28 | Astro-Shield's Content-Security-Policy header generation in middleware could be compromised by malicious injections |
| CVE-2023-6437 | 2024-03-28 | Authenticated RCE |
| CVE-2024-28109 | 2024-03-28 | Potential XSLT injection vulnerability when using policy files |
| CVE-2024-29200 | 2024-03-28 | API returns timesheet entries a user should not be authorized to view |
| CVE-2024-29882 | 2024-03-28 | SRS DOM - XSS on JSONP callback |
| CVE-2024-29897 | 2024-03-28 | CreateWiki Leak of suppressed wiki requests outside of `CreateWikiGlobalWiki` |
| CVE-2024-29898 | 2024-03-28 | Oversight in fix for GHSA-4rcf-3cj2-46mq may have exposed suppressed wiki requests on private wikis |
| CVE-2023-45705 | 2024-03-28 | HCL BigFix Platform is susceptible to Server Side Request Forgery (SSRF) |
| CVE-2023-45706 | 2024-03-28 | HCL BigFix Platform is susceptible to Cross Site Scripting (XSS) and/or Man in the Middle (MITM) attack |
| CVE-2023-45715 | 2024-03-28 | HCL BigFix Platform is susceptible to a Denial of Service attack |
| CVE-2024-3039 | 2024-03-28 | Shanghai Brad Technology BladeX API export-user sql injection |
| CVE-2024-3040 | 2024-03-28 | Netentsec NS-ASG Application Security Gateway list_crl_conf sql injection |
| CVE-2024-0259 | 2024-03-28 | Privilege Escalation in Robot Schedule Enterprise Agent for Windows prior to version 3.04 |
| CVE-2024-3041 | 2024-03-28 | Netentsec NS-ASG Application Security Gateway listloginfo.php sql injection |
| CVE-2024-3042 | 2024-03-28 | SourceCodester Simple Subscription Website manage_user.php sql injection |
| CVE-2024-31134 | 2024-03-28 | In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions... |
| CVE-2024-31135 | 2024-03-28 | In JetBrains TeamCity before 2024.03 open redirect was possible on... |
| CVE-2024-31136 | 2024-03-28 | In JetBrains TeamCity before 2024.03 2FA could be bypassed by... |
| CVE-2024-31137 | 2024-03-28 | In JetBrains TeamCity before 2024.03 reflected XSS was possible via... |
| CVE-2024-31138 | 2024-03-28 | In JetBrains TeamCity before 2024.03 xSS was possible via Agent... |
| CVE-2024-31139 | 2024-03-28 | In JetBrains TeamCity before 2024.03 xXE was possible in the... |
| CVE-2024-31140 | 2024-03-28 | In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary... |
| CVE-2023-42892 | 2024-03-28 | A use-after-free issue was addressed with improved memory management. This... |
| CVE-2023-42962 | 2024-03-28 | This issue was addressed with improved checks This issue is... |
| CVE-2023-42974 | 2024-03-28 | A race condition was addressed with improved state handling. This... |
| CVE-2023-42893 | 2024-03-28 | A permissions issue was addressed by removing vulnerable code and... |
| CVE-2023-40390 | 2024-03-28 | A privacy issue was addressed by moving sensitive data to... |
| CVE-2023-42913 | 2024-03-28 | This issue was addressed through improved state management. This issue... |
| CVE-2023-42930 | 2024-03-28 | This issue was addressed with improved checks. This issue is... |
| CVE-2023-42896 | 2024-03-28 | An issue was addressed with improved handling of temporary files.... |
| CVE-2023-42947 | 2024-03-28 | A path handling issue was addressed with improved validation. This... |
| CVE-2023-42950 | 2024-03-28 | A use after free issue was addressed with improved memory... |
| CVE-2023-42931 | 2024-03-28 | The issue was addressed with improved checks. This issue is... |
| CVE-2023-42936 | 2024-03-28 | This issue was addressed with improved redaction of sensitive information.... |
| CVE-2023-42956 | 2024-03-28 | The issue was addressed with improved memory handling. This issue... |
| CVE-2024-25959 | 2024-03-28 | Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion... |
| CVE-2024-25961 | 2024-03-28 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper... |
| CVE-2024-25960 | 2024-03-28 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext... |
| CVE-2024-25952 | 2024-03-28 | Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX... |
| CVE-2024-25953 | 2024-03-28 | Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX... |
| CVE-2024-2947 | 2024-03-28 | Cockpit: command injection when deleting a sosreport with a crafted name |
| CVE-2024-3019 | 2024-03-28 | Pcp: exposure of the redis server backend allows remote command execution via pmproxy |
| CVE-2024-25963 | 2024-03-28 | Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use... |
| CVE-2024-25954 | 2024-03-28 | Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient... |
| CVE-2024-25971 | 2024-03-28 | Dell PowerProtect Data Manager, version 19.15, contains an XML External... |
| CVE-2024-25946 | 2024-03-28 | Dell vApp Manager, versions prior to 9.2.4.9 contain a Command... |
| CVE-2024-25955 | 2024-03-28 | Dell vApp Manager, versions prior to 9.2.4.9 contain a Command... |
| CVE-2023-49231 | 2024-03-29 | An authentication bypass vulnerability was found in Stilog Visual Planning... |
| CVE-2024-27619 | 2024-03-29 | Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow.... |
| CVE-2024-28405 | 2024-03-29 | SEMCMS 4.8 is vulnerable to Incorrect Access Control. The code... |
| CVE-2024-28960 | 2024-03-29 | An issue was discovered in Mbed TLS 2.18.0 through 2.28.x... |
| CVE-2024-29640 | 2024-03-29 | An issue in aliyundrive-webdav v.2.3.3 and before allows a remote... |
| CVE-2024-29686 | 2024-03-29 | Server-side Template Injection (SSTI) vulnerability in Winter CMS v.1.2.3 allows... |
| CVE-2024-30613 | 2024-03-29 | Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the... |
| CVE-2024-30622 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30623 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30624 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30625 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30626 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30627 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30629 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30630 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30631 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30632 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30633 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30634 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the... |
| CVE-2024-30636 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the... |
| CVE-2024-30637 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the... |
| CVE-2024-30638 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the... |
| CVE-2024-30639 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability in the... |
| CVE-2024-30645 | 2024-03-29 | Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the... |
| CVE-2024-31032 | 2024-03-29 | An issue in Huashi Private Cloud CDN Live Streaming Acceleration... |
| CVE-2023-49232 | 2024-03-29 | An authentication bypass vulnerability was found in Stilog Visual Planning... |
| CVE-2023-49234 | 2024-03-29 | An XML external entity (XXE) vulnerability was found in Stilog... |
| CVE-2024-29667 | 2024-03-29 | SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2... |
| CVE-2024-30628 | 2024-03-29 | Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the... |
| CVE-2024-30635 | 2024-03-29 | Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in... |
| CVE-2024-2475 | 2024-03-29 | The Media Library Assistant plugin for WordPress is vulnerable to... |
| CVE-2024-2841 | 2024-03-29 | The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg... |
| CVE-2024-1729 | 2024-03-29 | Timing Attack Vulnerability in gradio-app/gradio |
| CVE-2024-3077 | 2024-03-29 | Bluetooth: integer underflow in gatt_find_info_rsp |
| CVE-2024-2936 | 2024-03-29 | The Sydney Toolbox plugin for WordPress is vulnerable to Stored... |
| CVE-2024-2842 | 2024-03-29 | The Easy Appointments plugin for WordPress is vulnerable to Stored... |
| CVE-2024-2844 | 2024-03-29 | The Easy Appointments plugin for WordPress is vulnerable to unauthorized... |
| CVE-2024-2968 | 2024-03-29 | The WP-Eggdrop plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2024-2963 | 2024-03-29 | The Pocket News Generator plugin for WordPress is vulnerable to... |
| CVE-2024-2969 | 2024-03-29 | The WP-Eggdrop plugin for WordPress is vulnerable to Cross-Site Request... |
| CVE-2024-2970 | 2024-03-29 | The News Wall plugin for WordPress is vulnerable to Cross-Site... |
| CVE-2024-2113 | 2024-03-29 | The Ninja Forms Contact Form – The Drag and Drop... |
| CVE-2024-2116 | 2024-03-29 | The Christmas Greetings plugin for WordPress is vulnerable to Reflected... |
| CVE-2024-1858 | 2024-03-29 | The Lightbox slider – Responsive Lightbox Gallery plugin for WordPress... |
| CVE-2024-0913 | 2024-03-29 | The WP ERP | Complete HR solution with recruitment &... |
| CVE-2024-2476 | 2024-03-29 | The OceanWP theme for WordPress is vulnerable to unauthorized access... |
| CVE-2024-2108 | 2024-03-29 | The Ninja Forms Contact Form – The Drag and Drop... |
| CVE-2024-0608 | 2024-03-29 | The WP ERP | Complete HR solution with recruitment &... |