CVE List - 2024 / April
Showing 401 - 500 of 3606 CVEs for April 2024 (Page 5 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-31393 | 2024-04-03 | Dragging Javascript URLs to the address bar could cause them... |
| CVE-2024-31392 | 2024-04-03 | If an insecure element was added to a page after... |
| CVE-2024-27335 | 2024-04-03 | Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2024-27336 | 2024-04-03 | Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27337 | 2024-04-03 | Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-27338 | 2024-04-03 | Kofax Power PDF app response Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2024-27339 | 2024-04-03 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-27340 | 2024-04-03 | Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-27341 | 2024-04-03 | Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-27342 | 2024-04-03 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-27343 | 2024-04-03 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27344 | 2024-04-03 | Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| CVE-2024-20310 | 2024-04-03 | A vulnerability in the web-based interface of Cisco Unified Communications... |
| CVE-2024-27345 | 2024-04-03 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-27346 | 2024-04-03 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-20281 | 2024-04-03 | A vulnerability in the web-based management interface of Cisco Nexus... |
| CVE-2024-20282 | 2024-04-03 | A vulnerability in Cisco Nexus Dashboard could allow an authenticated,... |
| CVE-2024-30322 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30323 | 2024-04-03 | Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2024-30324 | 2024-04-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-20302 | 2024-04-03 | A vulnerability in the tenant security implementation of Cisco Nexus... |
| CVE-2024-30325 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30326 | 2024-04-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-20332 | 2024-04-03 | A vulnerability in the web-based management interface of Cisco Identity... |
| CVE-2024-30327 | 2024-04-03 | Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30328 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-20367 | 2024-04-03 | A vulnerability in the web UI of Cisco Enterprise Chat... |
| CVE-2024-30329 | 2024-04-03 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| CVE-2024-30330 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-20368 | 2024-04-03 | A vulnerability in the web-based management interface of Cisco Identity... |
| CVE-2024-30331 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30332 | 2024-04-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30333 | 2024-04-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30334 | 2024-04-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-30366 | 2024-04-03 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-20334 | 2024-04-03 | A vulnerability in the web-based management interface of Cisco TelePresence... |
| CVE-2024-20283 | 2024-04-03 | A vulnerability in Cisco Nexus Dashboard could allow an authenticated,... |
| CVE-2024-20348 | 2024-04-03 | A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP)... |
| CVE-2024-20362 | 2024-04-03 | A vulnerability in the web-based management interface of Cisco Small... |
| CVE-2024-20347 | 2024-04-03 | A vulnerability in Cisco Emergency Responder could allow an unauthenticated,... |
| CVE-2024-20352 | 2024-04-03 | A vulnerability in Cisco Emergency Responder could allow an authenticated,... |
| CVE-2024-1180 | 2024-04-03 | TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability |
| CVE-2024-23540 | 2024-04-03 | HCL BigFix Inventory is vulnerable to path traversal |
| CVE-2023-52640 | 2024-04-03 | fs/ntfs3: Fix oob in ntfs_listxattr |
| CVE-2023-52641 | 2024-04-03 | fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() |
| CVE-2024-26728 | 2024-04-03 | drm/amd/display: fix null-pointer dereference on edid reading |
| CVE-2024-26729 | 2024-04-03 | drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv |
| CVE-2024-26730 | 2024-04-03 | hwmon: (nct6775) Fix access to temperature configuration registers |
| CVE-2024-26731 | 2024-04-03 | bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready() |
| CVE-2024-26732 | 2024-04-03 | net: implement lockless setsockopt(SO_PEEK_OFF) |
| CVE-2024-26733 | 2024-04-03 | arp: Prevent overflow in arp_req_get(). |
| CVE-2024-26734 | 2024-04-03 | devlink: fix possible use-after-free and memory leaks in devlink_init() |
| CVE-2024-26735 | 2024-04-03 | ipv6: sr: fix possible use-after-free and null-ptr-deref |
| CVE-2024-26736 | 2024-04-03 | afs: Increase buffer size in afs_update_volume_status() |
| CVE-2024-26737 | 2024-04-03 | bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel |
| CVE-2024-26738 | 2024-04-03 | powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller |
| CVE-2024-26739 | 2024-04-03 | net/sched: act_mirred: don't override retval if we already lost the skb |
| CVE-2024-26740 | 2024-04-03 | net/sched: act_mirred: use the backlog for mirred ingress |
| CVE-2024-26741 | 2024-04-03 | dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished(). |
| CVE-2024-26742 | 2024-04-03 | scsi: smartpqi: Fix disable_managed_interrupts |
| CVE-2024-26743 | 2024-04-03 | RDMA/qedr: Fix qedr_create_user_qp error flow |
| CVE-2024-26744 | 2024-04-03 | RDMA/srpt: Support specifying the srpt_service_guid parameter |
| CVE-2024-26747 | 2024-04-03 | usb: roles: fix NULL pointer issue when put module's reference |
| CVE-2024-26748 | 2024-04-03 | usb: cdns3: fix memory double free when handle zero packet |
| CVE-2024-26749 | 2024-04-03 | usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() |
| CVE-2024-26751 | 2024-04-03 | ARM: ep93xx: Add terminator to gpiod_lookup_table |
| CVE-2024-26752 | 2024-04-03 | l2tp: pass correct message length to ip6_append_data |
| CVE-2024-26753 | 2024-04-03 | crypto: virtio/akcipher - Fix stack overflow on memcpy |
| CVE-2024-26754 | 2024-04-03 | gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() |
| CVE-2024-26755 | 2024-04-03 | md: Don't suspend the array for interrupted reshape |
| CVE-2024-26756 | 2024-04-03 | md: Don't register sync_thread for reshape directly |
| CVE-2024-26757 | 2024-04-03 | md: Don't ignore read-only array in md_check_recovery() |
| CVE-2024-26758 | 2024-04-03 | md: Don't ignore suspended array in md_check_recovery() |
| CVE-2024-26759 | 2024-04-03 | mm/swap: fix race when skipping swapcache |
| CVE-2024-26760 | 2024-04-03 | scsi: target: pscsi: Fix bio_put() for error case |
| CVE-2024-26761 | 2024-04-03 | cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window |
| CVE-2024-26762 | 2024-04-03 | cxl/pci: Skip to handle RAS errors if CXL.mem device is detached |
| CVE-2024-26763 | 2024-04-03 | dm-crypt: don't modify the data when using authenticated encryption |
| CVE-2024-26764 | 2024-04-03 | fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio |
| CVE-2024-26765 | 2024-04-03 | LoongArch: Disable IRQ before init_fn() for nonboot CPUs |
| CVE-2024-26766 | 2024-04-03 | IB/hfi1: Fix sdma.h tx->num_descs off-by-one error |
| CVE-2024-26767 | 2024-04-03 | drm/amd/display: fixed integer types and null check locations |
| CVE-2024-26768 | 2024-04-03 | LoongArch: Change acpi_core_pic[NR_CPUS] to acpi_core_pic[MAX_CORE_PIC] |
| CVE-2024-26769 | 2024-04-03 | nvmet-fc: avoid deadlock on delete association path |
| CVE-2024-26770 | 2024-04-03 | HID: nvidia-shield: Add missing null pointer checks to LED initialization |
| CVE-2024-26771 | 2024-04-03 | dmaengine: ti: edma: Add some null pointer checks to the edma_probe |
| CVE-2024-26772 | 2024-04-03 | ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() |
| CVE-2024-26773 | 2024-04-03 | ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() |
| CVE-2024-26774 | 2024-04-03 | ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt |
| CVE-2024-26775 | 2024-04-03 | aoe: avoid potential deadlock at set_capacity |
| CVE-2024-26776 | 2024-04-03 | spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected |
| CVE-2024-26777 | 2024-04-03 | fbdev: sis: Error out if pixclock equals zero |
| CVE-2024-26778 | 2024-04-03 | fbdev: savage: Error out if pixclock equals zero |
| CVE-2024-26779 | 2024-04-03 | wifi: mac80211: fix race condition on enabling fast-xmit |
| CVE-2024-2758 | 2024-04-03 | CVE-2024-2758 |
| CVE-2024-2653 | 2024-04-03 | CVE-2024-2653 |
| CVE-2024-2753 | 2024-04-03 | Concrete CMS version 9 below 9.2.8 and below 8.5.16 is vulnerable to stored XSS on the calendar color settings screen |
| CVE-2024-3178 | 2024-04-03 | Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter |
| CVE-2024-3179 | 2024-04-03 | Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page |
| CVE-2024-0335 | 2024-04-03 | Malformed Packet Handling |