CVE List - 2024 / April
Showing 1 - 100 of 3606 CVEs for April 2024 (Page 1 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-25080 | 2024-04-01 | WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the... |
| CVE-2024-29433 | 2024-04-01 | A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6... |
| CVE-2024-29435 | 2024-04-01 | An issue discovered in Alldata v0.4.6 allows attacker to run... |
| CVE-2024-30859 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupSSLCert.php. |
| CVE-2024-30860 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/export_excel_user.php. |
| CVE-2024-30861 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsec_guide_1.php. |
| CVE-2024-30862 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/index.php. |
| CVE-2024-30863 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/history.php. |
| CVE-2024-30864 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/config_ISCGroupTimePolicy.php. |
| CVE-2024-30865 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_user_login.php. |
| CVE-2024-30866 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /3g/menu.php. |
| CVE-2024-30867 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_virtual_site_info.php. |
| CVE-2024-30870 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/address_interpret.php. |
| CVE-2024-30871 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /WebPages/applyhardware.php. |
| CVE-2024-30872 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php. |
| CVE-2024-31033 | 2024-04-01 | JJWT (aka Java JWT) through 0.12.5 ignores certain characters and... |
| CVE-2023-48906 | 2024-04-01 | Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers... |
| CVE-2024-30858 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/edit_fire_wall.php. |
| CVE-2024-30868 | 2024-04-01 | netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/add_getlogin.php. |
| CVE-2024-28895 | 2024-04-01 | 'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo!... |
| CVE-2024-20039 | 2024-04-01 | In modem protocol, there is a possible out of bounds... |
| CVE-2024-20040 | 2024-04-01 | In wlan firmware, there is a possible out of bounds... |
| CVE-2024-20041 | 2024-04-01 | In da, there is a possible out of bounds read... |
| CVE-2024-20042 | 2024-04-01 | In da, there is a possible out of bounds write... |
| CVE-2024-20043 | 2024-04-01 | In da, there is a possible out of bounds write... |
| CVE-2024-20044 | 2024-04-01 | In da, there is a possible out of bounds write... |
| CVE-2024-20045 | 2024-04-01 | In audio, there is a possible out of bounds read... |
| CVE-2024-20046 | 2024-04-01 | In battery, there is a possible escalation of privilege due... |
| CVE-2024-20047 | 2024-04-01 | In battery, there is a possible out of bounds read... |
| CVE-2024-20048 | 2024-04-01 | In flashc, there is a possible information disclosure due to... |
| CVE-2024-20049 | 2024-04-01 | In flashc, there is a possible information disclosure due to... |
| CVE-2024-20050 | 2024-04-01 | In flashc, there is a possible information disclosure due to... |
| CVE-2024-20051 | 2024-04-01 | In flashc, there is a possible system crash due to... |
| CVE-2024-20052 | 2024-04-01 | In flashc, there is a possible information disclosure due to... |
| CVE-2024-20053 | 2024-04-01 | In flashc, there is a possible out of bounds write... |
| CVE-2024-20054 | 2024-04-01 | In gnss, there is a possible escalation of privilege due... |
| CVE-2024-20055 | 2024-04-01 | In imgsys, there is a possible information disclosure due to... |
| CVE-2024-1526 | 2024-04-01 | Hubbub Lite < 1.33.1 - Unauthenticated Password Protected Posts Access |
| CVE-2024-2262 | 2024-04-01 | WooCommerce Product Filter < 1.4.4 - Filter Deletion via CSRF |
| CVE-2024-2263 | 2024-04-01 | WooCommerce Product Filter < 1.4.4 - Reflected XSS |
| CVE-2024-2278 | 2024-04-01 | WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS |
| CVE-2016-15038 | 2024-04-01 | NUUO NVRmini 2 deletefile.php path traversal |
| CVE-2024-26653 | 2024-04-01 | usb: misc: ljca: Fix double free in error handling path |
| CVE-2024-26654 | 2024-04-01 | ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs |
| CVE-2024-3130 | 2024-04-01 | Insecure Data Storage leading to sensitive Information disclosure. |
| CVE-2023-6154 | 2024-04-01 | Local privilege escalation in Bitdefender Total Security (VA-11168) |
| CVE-2022-4966 | 2024-04-01 | sequentech admin-console Election Description cross site scripting |
| CVE-2024-3124 | 2024-04-01 | fridgecow smartalarm Backup File androidmanifest.xml backup |
| CVE-2024-3125 | 2024-04-01 | Zebra ZTC GK420d Alert Setup Page settings cross site scripting |
| CVE-2024-31099 | 2024-04-01 | WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability |
| CVE-2024-3128 | 2024-04-01 | Replify-Messenger Backup File androidmanifest.xml backup |
| CVE-2024-26655 | 2024-04-01 | Fix memory leak in posix_clock_open() |
| CVE-2023-28547 | 2024-04-01 | Buffer Copy Without Checking Size of Input in SPS Applications |
| CVE-2023-33023 | 2024-04-01 | Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications |
| CVE-2023-33099 | 2024-04-01 | Improper Input Validation in Multi-Mode Call Processor |
| CVE-2023-33100 | 2024-04-01 | Improper input validation in Multi-Mode Call Processor |
| CVE-2023-33101 | 2024-04-01 | Incorrect Type Conversion or Cast in Multi-Mode Call Processor |
| CVE-2023-33111 | 2024-04-01 | Improper Validation of Array Index in Audio |
| CVE-2023-33115 | 2024-04-01 | Buffer Over-read in Trusted Execution Environment |
| CVE-2023-43515 | 2024-04-01 | Buffer copy without checking size of input (Classic buffer overflow) in HLOS |
| CVE-2024-21452 | 2024-04-01 | Improper Input Validation in Automotive Telematics |
| CVE-2024-21453 | 2024-04-01 | Improper Input Validation in Automotive Telematics |
| CVE-2024-21454 | 2024-04-01 | Integer Overflow to Buffer Overflow in Automotive Telematics |
| CVE-2024-21463 | 2024-04-01 | Buffer Copy Without Checking Size of Input in Audio |
| CVE-2024-21468 | 2024-04-01 | Use After Free in Kernel |
| CVE-2024-21470 | 2024-04-01 | Integer Overflow to Buffer Overflow in Graphics Windows |
| CVE-2024-21472 | 2024-04-01 | Use After Free in Kernel |
| CVE-2024-21473 | 2024-04-01 | Improper Input Validation in WIN SON |
| CVE-2024-3129 | 2024-04-01 | SourceCodester Image Accordion Gallery App add-image.php unrestricted upload |
| CVE-2024-25574 | 2024-04-01 | Delta Electronics DIAEnergie SQL Injection |
| CVE-2024-3131 | 2024-04-01 | SourceCodester Computer Laboratory Management System sql injection |
| CVE-2024-28232 | 2024-04-01 | Username Enumeration in CasaOS via bypass of CVE-2024-24766 |
| CVE-2024-3135 | 2024-04-01 | Cross-Site Request Forgery (CSRF) Vulnerability in mudler/localai |
| CVE-2023-51570 | 2024-04-01 | Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| CVE-2023-51571 | 2024-04-01 | Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability |
| CVE-2023-51572 | 2024-04-01 | Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability |
| CVE-2023-51573 | 2024-04-01 | Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability |
| CVE-2024-3164 | 2024-04-01 | In dotCMS dashboard, the Tools and Log Files tabs under... |
| CVE-2024-3165 | 2024-04-01 | Database Credential Exposure in the Logs |
| CVE-2024-0637 | 2024-04-01 | Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-1179 | 2024-04-01 | TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-1863 | 2024-04-01 | Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-23115 | 2024-04-01 | Centreon updateGroups SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-23116 | 2024-04-01 | Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-23117 | 2024-04-01 | Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-23118 | 2024-04-01 | Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-23119 | 2024-04-01 | Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability |
| CVE-2024-27323 | 2024-04-01 | PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability |
| CVE-2024-27324 | 2024-04-01 | PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27325 | 2024-04-01 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27326 | 2024-04-01 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27327 | 2024-04-01 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-27328 | 2024-04-01 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27329 | 2024-04-01 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27330 | 2024-04-01 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27331 | 2024-04-01 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27332 | 2024-04-01 | PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-3138 | 2024-04-01 | francoisjacquet RosarioSIS Add Portal Note cross site scripting |
| CVE-2024-3139 | 2024-04-01 | SourceCodester Computer Laboratory Management System save_users improper authorization |
| CVE-2024-3140 | 2024-04-01 | SourceCodester Computer Laboratory Management System cross site scripting |