CVE List - 2024 / March
Showing 301 - 400 of 3300 CVEs for March 2024 (Page 4 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-27199 | 2024-03-04 | In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform... |
| CVE-2023-38360 | 2024-03-04 | IBM CICS TX cross-site scripting |
| CVE-2021-47086 | 2024-03-04 | phonet/pep: refuse to enable an unbound pipe |
| CVE-2021-47082 | 2024-03-04 | tun: avoid double free in tun_free_netdev |
| CVE-2021-47083 | 2024-03-04 | pinctrl: mediatek: fix global-out-of-bounds issue |
| CVE-2021-47087 | 2024-03-04 | tee: optee: Fix incorrect page free bug |
| CVE-2021-47088 | 2024-03-04 | mm/damon/dbgfs: protect targets destructions with kdamond_lock |
| CVE-2021-47089 | 2024-03-04 | kfence: fix memory leak when cat kfence objects |
| CVE-2021-47090 | 2024-03-04 | mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page() |
| CVE-2021-47091 | 2024-03-04 | mac80211: fix locking in ieee80211_start_ap error path |
| CVE-2021-47092 | 2024-03-04 | KVM: VMX: Always clear vmx->fail on emulation_required |
| CVE-2021-47093 | 2024-03-04 | platform/x86: intel_pmc_core: fix memleak on registration failure |
| CVE-2021-47094 | 2024-03-04 | KVM: x86/mmu: Don't advance iterator after restart due to yielding |
| CVE-2021-47095 | 2024-03-04 | ipmi: ssif: initialize ssif_info->client early |
| CVE-2021-47096 | 2024-03-04 | ALSA: rawmidi - fix the uninitalized user_pversion |
| CVE-2021-47097 | 2024-03-04 | Input: elantech - fix stack out of bound access in elantech_change_report_id() |
| CVE-2021-47098 | 2024-03-04 | hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations |
| CVE-2021-47099 | 2024-03-04 | veth: ensure skb entering GRO are not cloned. |
| CVE-2021-47100 | 2024-03-04 | ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module |
| CVE-2021-47101 | 2024-03-04 | asix: fix uninit-value in asix_mdio_read() |
| CVE-2021-47102 | 2024-03-04 | net: marvell: prestera: fix incorrect structure access |
| CVE-2021-47103 | 2024-03-04 | inet: fully convert sk->sk_rx_dst to RCU rules |
| CVE-2021-47104 | 2024-03-04 | IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() |
| CVE-2021-47105 | 2024-03-04 | ice: xsk: return xsk buffers back to pool when cleaning the ring |
| CVE-2021-47106 | 2024-03-04 | netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy() |
| CVE-2021-47107 | 2024-03-04 | NFSD: Fix READDIR buffer overflow |
| CVE-2021-47108 | 2024-03-04 | drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf |
| CVE-2023-32331 | 2024-03-04 | IBM Connect:Express for UNIX denial of service |
| CVE-2024-27889 | 2024-03-04 | Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). |
| CVE-2023-6068 | 2024-03-04 | On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some |
| CVE-2024-2048 | 2024-03-04 | Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates |
| CVE-2024-1319 | 2024-03-04 | Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure |
| CVE-2024-1316 | 2024-03-04 | Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access |
| CVE-2024-2168 | 2024-03-04 | SourceCodester Online Tours & Travels Management System HTTP POST Request expense_category.php sql injection |
| CVE-2024-1936 | 2024-03-04 | The encrypted subject of an email message could be incorrectly... |
| CVE-2023-41827 | 2024-03-04 | An improper export vulnerability was reported in the Motorola OTA... |
| CVE-2023-41829 | 2024-03-04 | An improper export vulnerability was reported in the Motorola Carrier... |
| CVE-2022-46088 | 2024-03-05 | Online Flight Booking Management System v1.0 was discovered to contain... |
| CVE-2023-38944 | 2024-03-05 | An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V... |
| CVE-2023-43318 | 2024-03-05 | TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers... |
| CVE-2024-22188 | 2024-03-05 | TYPO3 before 13.0.1 allows an authenticated admin user (with system... |
| CVE-2024-22889 | 2024-03-05 | Due to incorrect access control in Plone version v6.0.9, remote... |
| CVE-2024-24098 | 2024-03-05 | Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection... |
| CVE-2024-24278 | 2024-03-05 | An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0... |
| CVE-2024-25817 | 2024-03-05 | Buffer Overflow vulnerability in eza before version 0.18.2, allows local... |
| CVE-2024-26333 | 2024-03-05 | swftools v0.9.2 was discovered to contain a segmentation violation via... |
| CVE-2024-26334 | 2024-03-05 | swftools v0.9.2 was discovered to contain a segmentation violation via... |
| CVE-2024-26335 | 2024-03-05 | swftools v0.9.2 was discovered to contain a segmentation violation via... |
| CVE-2024-26337 | 2024-03-05 | swftools v0.9.2 was discovered to contain a segmentation violation via... |
| CVE-2024-26339 | 2024-03-05 | swftools v0.9.2 was discovered to contain a strcpy parameter overlap... |
| CVE-2024-27561 | 2024-03-05 | A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of... |
| CVE-2024-27563 | 2024-03-05 | A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of... |
| CVE-2024-27565 | 2024-03-05 | A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit... |
| CVE-2024-27622 | 2024-03-05 | A remote code execution vulnerability has been identified in the... |
| CVE-2024-27623 | 2024-03-05 | CMS Made Simple version 2.2.19 is vulnerable to Server-Side Template... |
| CVE-2024-27625 | 2024-03-05 | CMS Made Simple Version 2.2.19 is vulnerable to Cross Site... |
| CVE-2024-27626 | 2024-03-05 | A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in... |
| CVE-2024-27627 | 2024-03-05 | A reflected cross-site scripting (XSS) vulnerability exists in SuperCali version... |
| CVE-2024-27764 | 2024-03-05 | An issue in Jeewms v.3.7 and before allows a remote... |
| CVE-2024-27765 | 2024-03-05 | Directory Traversal vulnerability in Jeewms v.3.7 and before allows a... |
| CVE-2023-48644 | 2024-03-05 | An issue was discovered in the Archibus app 4.0.3 for... |
| CVE-2024-24275 | 2024-03-05 | Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1... |
| CVE-2024-24276 | 2024-03-05 | Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client... |
| CVE-2024-25269 | 2024-03-05 | libheif <= 1.17.6 contains a memory leak in the function... |
| CVE-2024-25858 | 2024-03-05 | In Foxit PDF Reader before 2024.1 and PDF Editor before... |
| CVE-2024-27564 | 2024-03-05 | pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF... |
| CVE-2024-1178 | 2024-03-05 | The SportsPress – Sports Club & League Manager plugin for... |
| CVE-2024-1782 | 2024-03-05 | The Blue Triad EZAnalytics plugin for WordPress is vulnerable to... |
| CVE-2024-1478 | 2024-03-05 | The Maintenance Mode plugin for WordPress is vulnerable to Sensitive... |
| CVE-2024-1095 | 2024-03-05 | The Build & Control Block Patterns – Boost up Gutenberg... |
| CVE-2024-0698 | 2024-03-05 | The Easy!Appointments plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2024-1731 | 2024-03-05 | The Auto Refresh Single Page plugin for WordPress is vulnerable... |
| CVE-2024-1285 | 2024-03-05 | The Page Builder Sandwich – Front End WordPress Page Builder... |
| CVE-2024-1088 | 2024-03-05 | The Password Protected Store for WooCommerce plugin for WordPress is... |
| CVE-2024-0825 | 2024-03-05 | The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress... |
| CVE-2024-1381 | 2024-03-05 | The Page Builder Sandwich – Front End WordPress Page Builder... |
| CVE-2024-1769 | 2024-03-05 | The JM Twitter Cards plugin for WordPress is vulnerable to... |
| CVE-2024-1093 | 2024-03-05 | The Change Memory Limit plugin for WordPress is vulnerable to... |
| CVE-2024-21815 | 2024-03-05 | Insufficiently protected credentials (CWE-522) for third party DVR integrations to... |
| CVE-2024-21838 | 2024-03-05 | Improper neutralization of special elements in output (CWE-74) used by... |
| CVE-2024-22383 | 2024-03-05 | Missing release of resource after effective lifetime (CWE-772) in the... |
| CVE-2023-52432 | 2024-03-05 | Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR... |
| CVE-2024-20829 | 2024-03-05 | Missing proper interaction for opening deeplink in Samsung Internet prior... |
| CVE-2024-20830 | 2024-03-05 | Incorrect default permission in AppLock prior to SMR MAr-2024 Release... |
| CVE-2024-20831 | 2024-03-05 | Stack overflow in Little Kernel in bootloader prior to SMR... |
| CVE-2024-20832 | 2024-03-05 | Heap overflow in Little Kernel in bootloader prior to SMR... |
| CVE-2024-20834 | 2024-03-05 | The sensitive information exposure vulnerability in WlanTest prior to SMR... |
| CVE-2024-20835 | 2024-03-05 | Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024... |
| CVE-2024-20836 | 2024-03-05 | Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior... |
| CVE-2024-20837 | 2024-03-05 | Improper handling of granting permission for Trusted Web Activities in... |
| CVE-2024-20838 | 2024-03-05 | Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2... |
| CVE-2024-20839 | 2024-03-05 | Improper access control in Samsung Voice Recorder prior to versions... |
| CVE-2024-20840 | 2024-03-05 | Improper access control in Samsung Voice Recorder prior to versions... |
| CVE-2024-20841 | 2024-03-05 | Improper Handling of Insufficient Privileges in Samsung Account prior to... |
| CVE-2023-42419 | 2024-03-05 | Improper Management of Cryptographic Keys in the Maintenance Server in QCOW Air-Gapped Distribution (China Edition) |
| CVE-2024-20833 | 2024-03-05 | Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024... |
| CVE-2023-5456 | 2024-03-05 | A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB... |
| CVE-2023-5457 | 2024-03-05 | A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the... |
| CVE-2022-48629 | 2024-03-05 | crypto: qcom-rng - ensure buffer for generate is completely filled |
| CVE-2022-48630 | 2024-03-05 | crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ |