CVE List - 2024 / April
Showing 3301 - 3400 of 3606 CVEs for April 2024 (Page 34 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-4240 | 2024-04-26 | Tenda W9 formQosManageDouble_user stack-based overflow |
| CVE-2024-32878 | 2024-04-26 | Use of Uninitialized Variable Vulnerability in llama.cpp |
| CVE-2024-32881 | 2024-04-26 | Unauthorized access to GET/SET of Slack Bot Tokens in Danswer |
| CVE-2024-4241 | 2024-04-26 | Tenda W9 formQosManageDouble_auto stack-based overflow |
| CVE-2024-4242 | 2024-04-26 | Tenda W9 wifiSSIDget formwrlSSIDget stack-based overflow |
| CVE-2024-32887 | 2024-04-26 | Reflected XSS in sidekiq |
| CVE-2024-32883 | 2024-04-26 | MCUboot Injection attack of unprotected TLV values |
| CVE-2024-3051 | 2024-04-26 | Z/IP Gateway Device Reset Locally Denial of Service Vulnerability |
| CVE-2024-3052 | 2024-04-26 | Z/IP Gateway S2 Nonce Get Denial of Service Vulnerability |
| CVE-2024-4243 | 2024-04-26 | Tenda W9 wifiSSIDset formwrlSSIDset stack-based overflow |
| CVE-2024-4244 | 2024-04-26 | Tenda W9 DhcpSetSer fromDhcpSetSer stack-based overflow |
| CVE-2022-48684 | 2024-04-27 | An issue was discovered in Logpoint before 7.1.1. Template injection... |
| CVE-2022-48685 | 2024-04-27 | An issue was discovered in Logpoint 7.1 before 7.1.2. The... |
| CVE-2023-52722 | 2024-04-27 | An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c,... |
| CVE-2024-33851 | 2024-04-27 | phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based... |
| CVE-2024-2859 | 2024-04-27 | By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859) |
| CVE-2024-2258 | 2024-04-27 | The Form Maker by 10Web – Mobile-Friendly Drag & Drop... |
| CVE-2024-2838 | 2024-04-27 | The WPC Composite Products for WooCommerce plugin for WordPress is... |
| CVE-2024-3034 | 2024-04-27 | The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal... |
| CVE-2024-4245 | 2024-04-27 | Tenda i21 formQosManageDouble_user stack-based overflow |
| CVE-2024-4246 | 2024-04-27 | Tenda i21 formQosManageDouble_auto stack-based overflow |
| CVE-2024-3342 | 2024-04-27 | The Timetable and Event Schedule by MotoPress plugin for WordPress... |
| CVE-2023-1000 | 2024-04-27 | cyanomiko dcnnt-py Notification notifications.py main command injection |
| CVE-2024-4247 | 2024-04-27 | Tenda i21 formQosManage_auto stack-based overflow |
| CVE-2024-3309 | 2024-04-27 | The Qi Addons For Elementor plugin for WordPress is vulnerable... |
| CVE-2024-4248 | 2024-04-27 | Tenda i21 formQosManage_user stack-based overflow |
| CVE-2024-4249 | 2024-04-27 | Tenda i21 wifiSSIDget formwrlSSIDget stack-based overflow |
| CVE-2024-4250 | 2024-04-27 | Tenda i21 wifiSSIDset formwrlSSIDset stack-based overflow |
| CVE-2024-25048 | 2024-04-27 | IBM MQ code execution |
| CVE-2024-4251 | 2024-04-27 | Tenda i21 DhcpSetSe fromDhcpSetSer stack-based overflow |
| CVE-2024-4252 | 2024-04-27 | Tenda i22 formSetUrlFilterRule stack-based overflow |
| CVE-2024-4255 | 2024-04-27 | Ruijie RG-UAC gre_edit_commit.php os command injection |
| CVE-2024-4256 | 2024-04-27 | Techkshetra Info Solutions Savsoft Quiz Category Page editCategory cross site scripting |
| CVE-2024-4257 | 2024-04-27 | BlueNet Technology Clinical Browsing System deleteStudy.php sql injection |
| CVE-2024-4291 | 2024-04-27 | Tenda A301 setBlackRule formAddMacfilterRule stack-based overflow |
| CVE-2024-4292 | 2024-04-27 | Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service denial of service |
| CVE-2024-4293 | 2024-04-27 | PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php cross site scripting |
| CVE-2024-4294 | 2024-04-27 | PHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injection |
| CVE-2024-33883 | 2024-04-28 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for... |
| CVE-2024-33899 | 2024-04-28 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows... |
| CVE-2024-33891 | 2024-04-28 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication... |
| CVE-2024-26927 | 2024-04-28 | ASoC: SOF: Add some bounds checking to firmware data |
| CVE-2024-26928 | 2024-04-28 | smb: client: fix potential UAF in cifs_debug_files_proc_show() |
| CVE-2024-25050 | 2024-04-28 | IBM i privilege escalation |
| CVE-2022-48631 | 2024-04-28 | ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 |
| CVE-2022-48632 | 2024-04-28 | i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() |
| CVE-2022-48633 | 2024-04-28 | drm/gma500: Fix WARN_ON(lock->magic != lock) error |
| CVE-2022-48634 | 2024-04-28 | drm/gma500: Fix BUG: sleeping function called from invalid context errors |
| CVE-2022-48635 | 2024-04-28 | fsdax: Fix infinite loop in dax_iomap_rw() |
| CVE-2022-48636 | 2024-04-28 | s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup |
| CVE-2022-48637 | 2024-04-28 | bnxt: prevent skb UAF after handing over to PTP worker |
| CVE-2022-48638 | 2024-04-28 | cgroup: cgroup_get_from_id() must check the looked-up kn is a directory |
| CVE-2022-48639 | 2024-04-28 | net: sched: fix possible refcount leak in tc_new_tfilter() |
| CVE-2022-48640 | 2024-04-28 | bonding: fix NULL deref in bond_rr_gen_slave_id |
| CVE-2022-48641 | 2024-04-28 | netfilter: ebtables: fix memory leak when blob is malformed |
| CVE-2022-48642 | 2024-04-28 | netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() |
| CVE-2022-48643 | 2024-04-28 | netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() |
| CVE-2022-48644 | 2024-04-28 | net/sched: taprio: avoid disabling offload when it was never enabled |
| CVE-2022-48645 | 2024-04-28 | net: enetc: deny offload of tc-based TSN features on VF interfaces |
| CVE-2022-48646 | 2024-04-28 | sfc/siena: fix null pointer dereference in efx_hard_start_xmit |
| CVE-2022-48647 | 2024-04-28 | sfc: fix TX channel offset when using legacy interrupts |
| CVE-2022-48648 | 2024-04-28 | sfc: fix null pointer dereference in efx_hard_start_xmit |
| CVE-2022-48649 | 2024-04-28 | mm/slab_common: fix possible double free of kmem_cache |
| CVE-2022-48650 | 2024-04-28 | scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() |
| CVE-2022-48651 | 2024-04-28 | ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header |
| CVE-2022-48652 | 2024-04-28 | ice: Fix crash by keep old cfg when update TCs more than queues |
| CVE-2022-48653 | 2024-04-28 | ice: Don't double unplug aux on peer initiated reset |
| CVE-2022-48654 | 2024-04-28 | netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() |
| CVE-2022-48655 | 2024-04-28 | firmware: arm_scmi: Harden accesses to the reset domains |
| CVE-2022-48656 | 2024-04-28 | dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() |
| CVE-2022-48657 | 2024-04-28 | arm64: topology: fix possible overflow in amu_fie_setup() |
| CVE-2022-48658 | 2024-04-28 | mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. |
| CVE-2022-48659 | 2024-04-28 | mm/slub: fix to return errno if kmalloc() fails |
| CVE-2022-48660 | 2024-04-28 | gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully |
| CVE-2022-48661 | 2024-04-28 | gpio: mockup: Fix potential resource leakage when register a chip |
| CVE-2022-48662 | 2024-04-28 | drm/i915/gem: Really move i915_gem_context.link under ref protection |
| CVE-2022-48663 | 2024-04-28 | gpio: mockup: fix NULL pointer dereference when removing debugfs |
| CVE-2022-48664 | 2024-04-28 | btrfs: fix hang during unmount when stopping a space reclaim worker |
| CVE-2022-48665 | 2024-04-28 | exfat: fix overflow for large capacity partition |
| CVE-2022-48666 | 2024-04-28 | scsi: core: Fix a use-after-free |
| CVE-2022-48667 | 2024-04-28 | smb3: fix temporary data corruption in insert range |
| CVE-2022-48668 | 2024-04-28 | smb3: fix temporary data corruption in collapse range |
| CVE-2023-31889 | 2024-04-29 | An issue discovered in httpd in ASUS RT-AC51U with firmware... |
| CVE-2023-46565 | 2024-04-29 | Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d11256904d0dc182f1a9b22 allows a... |
| CVE-2023-46566 | 2024-04-29 | Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a... |
| CVE-2023-46960 | 2024-04-29 | Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker... |
| CVE-2023-50432 | 2024-04-29 | simple-dhcp-server through ec976d2 allows remote attackers to cause a denial... |
| CVE-2023-50433 | 2024-04-29 | marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows remote attackers... |
| CVE-2023-50434 | 2024-04-29 | emdns_resolve_raw in emdns.c in emdns through fbd1eef calls strlen with... |
| CVE-2023-51254 | 2024-04-29 | Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote... |
| CVE-2023-51710 | 2024-04-29 | EMS SQL Manager 3.6.2 (build 55333) for Oracle allows DLL... |
| CVE-2023-52080 | 2024-04-29 | IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow... |
| CVE-2023-52723 | 2024-04-29 | In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password... |
| CVE-2023-52724 | 2024-04-29 | Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-bounds array access... |
| CVE-2023-52725 | 2024-04-29 | Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of... |
| CVE-2023-52726 | 2024-04-29 | Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition... |
| CVE-2023-52727 | 2024-04-29 | Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index... |
| CVE-2023-52728 | 2024-04-29 | Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index... |
| CVE-2024-23995 | 2024-04-29 | Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier... |
| CVE-2024-27518 | 2024-04-29 | An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows... |