CVE List - 2024 / April
Showing 2701 - 2800 of 3606 CVEs for April 2024 (Page 28 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-31552 | 2024-04-19 | CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which... |
| CVE-2024-31584 | 2024-04-19 | Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the... |
| CVE-2024-31587 | 2024-04-19 | SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower allows an unauthenticated attacker to... |
| CVE-2024-31744 | 2024-04-19 | In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an... |
| CVE-2024-31841 | 2024-04-19 | An issue was discovered in Italtel Embrace 1.6.4. The web... |
| CVE-2024-31846 | 2024-04-19 | An issue was discovered in Italtel Embrace 1.6.4. The web... |
| CVE-2024-32166 | 2024-04-19 | Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR)... |
| CVE-2024-32206 | 2024-04-19 | A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php... |
| CVE-2024-32391 | 2024-04-19 | Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a... |
| CVE-2024-32392 | 2024-04-19 | Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote... |
| CVE-2024-32409 | 2024-04-19 | An issue in SEMCMS v.4.8 allows a remote attacker to... |
| CVE-2023-49502 | 2024-04-19 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker... |
| CVE-2023-50007 | 2024-04-19 | FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a... |
| CVE-2023-50008 | 2024-04-19 | FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter,... |
| CVE-2023-50009 | 2024-04-19 | FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8... |
| CVE-2023-50010 | 2024-04-19 | FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated... |
| CVE-2024-27984 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-27975 | 2024-04-19 | An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before... |
| CVE-2024-29204 | 2024-04-19 | A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-27976 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-23530 | 2024-04-19 | An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-23531 | 2024-04-19 | An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche... |
| CVE-2024-23533 | 2024-04-19 | An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-23534 | 2024-04-19 | An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-24996 | 2024-04-19 | A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche... |
| CVE-2024-24994 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-27978 | 2024-04-19 | A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti... |
| CVE-2024-24991 | 2024-04-19 | A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti... |
| CVE-2024-24997 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-24999 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-24993 | 2024-04-19 | A Race Condition (TOCTOU) vulnerability in web component of Ivanti... |
| CVE-2024-24995 | 2024-04-19 | A Race Condition (TOCTOU) vulnerability in web component of Ivanti... |
| CVE-2024-24998 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-23535 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-23532 | 2024-04-19 | An out-of-bounds Read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-24992 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-27977 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-25000 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche... |
| CVE-2024-23528 | 2024-04-19 | An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-23529 | 2024-04-19 | An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-22061 | 2024-04-19 | A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche... |
| CVE-2024-23526 | 2024-04-19 | An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche... |
| CVE-2024-3560 | 2024-04-19 | The LearnPress – WordPress LMS Plugin plugin for WordPress is... |
| CVE-2024-3598 | 2024-04-19 | The ElementsKit Pro plugin for WordPress is vulnerable to Stored... |
| CVE-2024-3615 | 2024-04-19 | The Media Library Folders plugin for WordPress is vulnerable to... |
| CVE-2024-3818 | 2024-04-19 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns &... |
| CVE-2024-3731 | 2024-04-19 | The Customer Reviews for WooCommerce plugin for WordPress is vulnerable... |
| CVE-2024-3600 | 2024-04-19 | The Poll Maker – Best WordPress Poll Plugin plugin for... |
| CVE-2024-29957 | 2024-04-19 | Encryption key is stored in the DR log files |
| CVE-2024-29958 | 2024-04-19 | Encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. |
| CVE-2024-29959 | 2024-04-19 | Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save |
| CVE-2024-29960 | 2024-04-19 | Identical SSH keys utilized inside the OVA image (CVE-2024-29960) |
| CVE-2024-29961 | 2024-04-19 | supply-chain attack risk |
| CVE-2024-29963 | 2024-04-19 | Brocade SANnav contains hardcoded TLS keys used by Docker |
| CVE-2024-29962 | 2024-04-19 | Insecure file permission setting that makes files world-readable |
| CVE-2024-29964 | 2024-04-19 | Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files |
| CVE-2024-29965 | 2024-04-19 | Insecure backup |
| CVE-2024-29966 | 2024-04-19 | hard-coded credentials in the documentation that appear as the appliance root password |
| CVE-2024-2761 | 2024-04-19 | Genesis Blocks < 3.1.3 - Contributor+ Stored XSS |
| CVE-2024-29967 | 2024-04-19 | In Brocade SANnav before v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points |
| CVE-2024-29968 | 2024-04-19 | SQL Table names, column names, and SQL queries are collected in DR standby Supportsave |
| CVE-2024-29969 | 2024-04-19 | TLS/SSL weak message authentication code ciphers are added by default for port 18082 |
| CVE-2024-0671 | 2024-04-19 | Mali GPU Kernel Driver allows improper GPU memory processing operations |
| CVE-2024-1065 | 2024-04-19 | Mali GPU Kernel Driver allows improper GPU memory processing operations |
| CVE-2024-32683 | 2024-04-19 | WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability |
| CVE-2024-3654 | 2024-04-19 | Cross-Site Scripting Vulnerability in Teixo by Teimas Global |
| CVE-2023-37400 | 2024-04-19 | IBM Aspera Faspex privilege escalation |
| CVE-2024-3470 | 2024-04-19 | Repository administrator can bypass organization's ruleset using deploy keys |
| CVE-2024-3646 | 2024-04-19 | Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console |
| CVE-2023-49275 | 2024-04-19 | Wazuh vulnerable to NULL Pointer Dereference in wazuh-analysisd |
| CVE-2024-3684 | 2024-04-19 | Improper Privilege Management was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console |
| CVE-2023-50260 | 2024-04-19 | Wazuh's vulnerability in host_deny AR script allows arbitrary command execution |
| CVE-2024-32038 | 2024-04-19 | Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-32478 | 2024-04-19 | Git Credential Manager (GCM)'s Debian package does not set root ownership on installed files |
| CVE-2024-32644 | 2024-04-19 | Evmos' transaction execution not accounting for all state transition after interaction with precompiles |
| CVE-2024-29030 | 2024-04-19 | memos vulnerable to an SSRF in /api/resource |
| CVE-2024-29028 | 2024-04-19 | memos vulnerable to an SSRF in /o/get/httpmeta |
| CVE-2024-29029 | 2024-04-19 | memos vulnerable to an SSRF in /o/get/image |
| CVE-2023-22869 | 2024-04-19 | IBM Aspera Faspex information disclosure |
| CVE-2024-29183 | 2024-04-19 | OpenRASP vulnerable to a reflected Cross-Site Scripting (XSS) attack in /login |
| CVE-2024-32650 | 2024-04-19 | Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input |
| CVE-2023-37396 | 2024-04-19 | IBM Aspera Faspex information disclosure |
| CVE-2023-27279 | 2024-04-19 | IBM Aspera Faspex denial of service |
| CVE-2024-29991 | 2024-04-19 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2023-37397 | 2024-04-19 | IBM Aspera Faspex data manipulation |
| CVE-2022-40745 | 2024-04-19 | IBM Aspera Faspex information disclosure |
| CVE-2024-2440 | 2024-04-19 | Race Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissions |
| CVE-2024-3979 | 2024-04-19 | COVESA vsomeip race condition |
| CVE-2024-32652 | 2024-04-19 | @hono/node-server contains Denial of Service risk when receiving Host header that cannot be parsed |
| CVE-2024-31450 | 2024-04-19 | Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) |
| CVE-2024-1681 | 2024-04-19 | Log Injection Vulnerability in corydolphin/flask-cors |
| CVE-2024-4018 | 2024-04-19 | Privilege Escalation in U-Series Appliance |
| CVE-2024-4017 | 2024-04-19 | Privilege Escalation in U-Series Appliance |
| CVE-2024-31991 | 2024-04-19 | Mealie vulnerable to a GET-based SSRF in recipe importer (GHSL-2023-225) |
| CVE-2024-31992 | 2024-04-19 | Mealie contains a DoS vulnerability in recipe importer |
| CVE-2024-31993 | 2024-04-19 | Mealie vulnerable to a GET-based SSRF in recipe image importer (GHSL-2023-227) |
| CVE-2024-31994 | 2024-04-19 | Mealie vulnerable to a DoS in recipe image importer (GHSL-2023-228) |
| CVE-2024-1480 | 2024-04-19 | Unitronics Vision Standard Unauthenticated Password Retrieval |
| CVE-2024-1057 | 2024-04-20 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10... |
| CVE-2024-1730 | 2024-04-20 | The Prime Slider – Addons For Elementor (Revolution of a... |