CVE List - 2024 / April

Showing 1401 - 1500 of 3606 CVEs for April 2024 (Page 15 of 37)

Back to List Previous Next

CVE ID	Date	Title
CVE-2024-3541	2024-04-10	Campcodes Church Management System admin_user.php cross site scripting
CVE-2024-2539	2024-04-10	The Elementor Addons by Livemesh plugin for WordPress is vulnerable...
CVE-2024-2655	2024-04-10	The Elementor Addons by Livemesh plugin for WordPress is vulnerable...
CVE-2024-3210	2024-04-10	The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form,...
CVE-2024-3542	2024-04-10	Campcodes Church Management System add_visitor.php cross site scripting
CVE-2024-0159	2024-04-10	Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper...
CVE-2024-22450	2024-04-10	Dell Alienware Command Center, versions prior to 6.2.7.0, contain an...
CVE-2024-22448	2024-04-10	Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated...
CVE-2024-1780	2024-04-10	The BizCalendar Web plugin for WordPress is vulnerable to Reflected...
CVE-2024-26098	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-20778	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26079	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26047	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26122	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26076	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26084	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26046	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-20780	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-20779	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26087	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-26097	2024-04-10	Adobe Experience Manager \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-20737	2024-04-10	Adobe After Effect 2024 RGB File parsing Memory Corruption Vulnerability
CVE-2024-2243	2024-04-10	Csmock: command injection vulnerability in csmock-plugin-snyk
CVE-2023-2794	2024-04-10	Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver() function
CVE-2024-26815	2024-04-10	net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check
CVE-2024-20759	2024-04-10	Adobe Commerce \| Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-20758	2024-04-10	Adobe Commerce \| Improper Input Validation (CWE-20)
CVE-2024-31309	2024-04-10	Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack
CVE-2024-20770	2024-04-10	Adobe Photoshop 2024 TIF File parsing Out-Of-Bound Read
CVE-2024-20766	2024-04-10	Adobe Indesign 2024 TIF File Parsing Out-Of-Bound Read Information Disclosure Vulnerabiity
CVE-2024-31924	2024-04-10	WordPress EWWW Image Optimizer plugin <= 7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-20772	2024-04-10	Adobe Media Encoder 2024 AI file parsing Stack based buffer overflow
CVE-2024-31492	2024-04-10	An external control of file name or path vulnerability [CWE-73]...
CVE-2024-26816	2024-04-10	x86, relocs: Ignore relocations in .notes section
CVE-2024-2730	2024-04-10	Predictable Page Indexing Might Lead to Sensitive Data Exposure in Mautic
CVE-2024-2731	2024-04-10	Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic
CVE-2024-3448	2024-04-10	Improper Access Control Leads to Server-Side Request Forgery in Mautic
CVE-2024-3567	2024-04-10	Qemu-kvm: net: assertion failure in update_sctp_checksum()
CVE-2024-24809	2024-04-10	Traccar vulnerable to Path Traversal: 'dir/../../filename' and Unrestricted Upload of File with Dangerous Type
CVE-2024-3566	2024-04-10	Command injection vulnerability in programing languages on Microsoft Windows operating system.
CVE-2024-31282	2024-04-10	WordPress App Builder plugin <= 3.8.7 - Open Redirection vulnerability
CVE-2024-31253	2024-04-10	WordPress WP OAuth Server (OAuth Authentication) plugin <= 4.3.3 - Open Redirection vulnerability
CVE-2024-31353	2024-04-10	WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability
CVE-2024-31302	2024-04-10	WordPress Contact Form Email plugin <= 1.3.44 - Sensitive Data Exposure vulnerability
CVE-2024-31298	2024-04-10	WordPress User Spam Remover plugin <= 1.0 - Sensitive Data Exposure via Log File vulnerability
CVE-2024-31278	2024-04-10	WordPress Premium Addons for Elementor plugin <= 4.10.22 - Sensitive Data Exposure vulnerability
CVE-2024-31259	2024-04-10	WordPress SearchIQ plugin <= 4.5 - Sensitive Data Exposure via Log File vulnerability
CVE-2024-31254	2024-04-10	WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability
CVE-2024-31249	2024-04-10	WordPress Subscribe To Comments Reloaded plugin <= 220725 - Sensitive Data Exposure vulnerability
CVE-2023-6916	2024-04-10	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1
CVE-2024-31247	2024-04-10	WordPress FG Drupal to WordPress plugin <= 3.70.3 - Sensitive Data Exposure via Log File vulnerability
CVE-2024-31872	2024-04-10	IBM Security Verify Access Appliance missing certificate validation
CVE-2024-31245	2024-04-10	WordPress ConvertKit plugin <= 2.4.5 - Email Disclosure in Log File vulnerability
CVE-2024-31871	2024-04-10	IBM Security Verify Access Appliance improper certificate validation
CVE-2024-0218	2024-04-10	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1
CVE-2024-31358	2024-04-10	WordPress 5 Stars Rating Funnel plugin <= 1.2.67 - Arbitrary Content Deletion vulnerability
CVE-2024-31873	2024-04-10	IBM Security Verify Access Appliance information disclosure
CVE-2024-31297	2024-04-10	WordPress Wholesale For WooCommerce plugin <= 2.3.1 - Unauthenticated Arbitrary Post/Page vulnerability
CVE-2024-31874	2024-04-10	IBM Security Verify Access Appliance denial of service
CVE-2024-31240	2024-04-10	WordPress WP Poll Maker plugin <= 3.1 - Auth. Arbitrary File Deletion vulnerability
CVE-2024-31287	2024-04-10	WordPress Media Library Folders plugin <= 8.1.8 - Directory Traversal vulnerability
CVE-2024-31343	2024-04-10	WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10.1 - Arbitrary File Download vulnerability
CVE-2024-31342	2024-04-10	WordPress Gallery Exporter plugin <= 1.3 - Arbitrary File Download vulnerability
CVE-2024-31356	2024-04-10	WordPress User Activity Log plugin <= 1.8 - Auth. SQL Injection vulnerability
CVE-2024-31355	2024-04-10	WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability
CVE-2024-31299	2024-04-10	WordPress ReDi Restaurant Reservation plugin <= 24.0128 - Cross Site Request Forgery (CSRF) to XSS vulnerability
CVE-2024-3382	2024-04-10	PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
CVE-2024-3383	2024-04-10	PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
CVE-2024-3384	2024-04-10	PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
CVE-2024-3385	2024-04-10	PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
CVE-2024-3386	2024-04-10	PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
CVE-2024-3387	2024-04-10	PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
CVE-2024-3388	2024-04-10	PAN-OS: User Impersonation in GlobalProtect SSL VPN
CVE-2024-3025	2024-04-10	Path Traversal in mintplex-labs/anything-llm
CVE-2024-2952	2024-04-10	Server-Side Template Injection in BerriAI/litellm
CVE-2024-1625	2024-04-10	IDOR Vulnerability in lunary-ai/lunary
CVE-2024-3568	2024-04-10	Arbitrary Code Execution via Deserialization in huggingface/transformers
CVE-2024-1728	2024-04-10	Local File Inclusion in gradio-app/gradio
CVE-2024-3098	2024-04-10	Prompt Injection leading to Arbitrary Code Execution in run-llama/llama_index
CVE-2024-3569	2024-04-10	Denial of Service (DoS) Vulnerability in mintplex-labs/anything-llm
CVE-2024-1643	2024-04-10	Unauthorized Organization Access in lunary-ai/lunary
CVE-2024-1600	2024-04-10	Local File Inclusion in parisneo/lollms-webui
CVE-2024-2221	2024-04-10	Path Traversal and Arbitrary File Upload Vulnerability in qdrant/qdrant
CVE-2024-3283	2024-04-10	Privilege Escalation via Mass Assignment in mintplex-labs/anything-llm
CVE-2024-1511	2024-04-10	Path Traversal Vulnerability in parisneo/lollms-webui
CVE-2024-1520	2024-04-10	OS Command Injection in parisneo/lollms-webui
CVE-2024-1602	2024-04-10	Stored XSS leading to RCE in parisneo/lollms-webui
CVE-2024-2217	2024-04-10	Improper Access Control in gaizhenbiao/chuanhuchatgpt
CVE-2024-1741	2024-04-10	Improper Authorization in lunary-ai/lunary
CVE-2024-1740	2024-04-10	Incorrect Authorization in lunary-ai/lunary
CVE-2024-1902	2024-04-10	Session Reuse Vulnerability in lunary-ai/lunary
CVE-2024-2029	2024-04-10	Command Injection in mudler/localai
CVE-2024-3101	2024-04-10	Privilege Escalation via Improper Input Validation in mintplex-labs/anything-llm
CVE-2024-2196	2024-04-10	CSRF Vulnerability in aimhubio/aim
CVE-2024-2195	2024-04-10	Remote Code Execution in aimhubio/aim
CVE-2024-3570	2024-04-10	Stored XSS leading to Admin Account Takeover in mintplex-labs/anything-llm
CVE-2024-31214	2024-04-10	Traccar's unrestricted file upload vulnerability in device image upload could lead to remote code execution
CVE-2024-31461	2024-04-10	Plane Server-Side Request Forgery (SSRF) Vulnerability
CVE-2024-31944	2024-04-10	WordPress WooCommerce UPS Shipping plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-31943	2024-04-10	WordPress USPS Shipping for WooCommerce plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) vulnerability