CVE List - 2024 / April
Showing 3501 - 3600 of 3606 CVEs for April 2024 (Page 36 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-33684 | 2024-04-29 | WordPress Save as PDF plugin by Pdfcrowd plugin <= 3.2.0 - Broken Access Control to Stored XSS vulnerability |
| CVE-2024-33636 | 2024-04-29 | WordPress WP Page Post Widget Clone plugin <= 1.0.1 - Broken Access Control vulnerability |
| CVE-2024-33635 | 2024-04-29 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Unauthenticated Arbitrary Post/Page Deletion vulnerability |
| CVE-2024-33597 | 2024-04-29 | WordPress SSU plugin <= 1.5.0 - Broken Access Control vulnerability |
| CVE-2024-28961 | 2024-04-29 | Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive... |
| CVE-2024-33596 | 2024-04-29 | WordPress Five Star Restaurant Reservations plugin <= 2.6.16 - Broken Access Control vulnerability |
| CVE-2024-3375 | 2024-04-29 | Broken Access Control in Havelsan's Dialogue |
| CVE-2024-33595 | 2024-04-29 | WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerability |
| CVE-2024-33594 | 2024-04-29 | WordPress Leaky Paywall plugin <= 4.20.8 - Price Manipulation vulnerability |
| CVE-2024-33593 | 2024-04-29 | WordPress Smart Forms plugin <= 2.6.91 - Broken Access Control vulnerability |
| CVE-2024-33591 | 2024-04-29 | WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability |
| CVE-2024-33590 | 2024-04-29 | WordPress basepress plugin <= 2.16.1 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-33589 | 2024-04-29 | WordPress KB Support plugin <= 1.6.0 - Broken Access Control vulnerability |
| CVE-2024-4304 | 2024-04-29 | Vulnerability on SWAL platform from GT3 Soluciones |
| CVE-2024-4306 | 2024-04-29 | Unrestricted Upload of File with Dangerous Type vulnerability in HubBank |
| CVE-2024-4308 | 2024-04-29 | SQL injection vulnerability in HubBank |
| CVE-2024-4307 | 2024-04-29 | SQL injection vulnerability in HubBank |
| CVE-2024-4309 | 2024-04-29 | SQL injection vulnerability in HubBank |
| CVE-2024-4310 | 2024-04-29 | Cross-site Scripting (XSS) vulnerability in HubBank |
| CVE-2024-33588 | 2024-04-29 | WordPress basepress plugin <= 2.16.1 - Broken Access Control vulnerability |
| CVE-2024-33587 | 2024-04-29 | WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability |
| CVE-2024-33586 | 2024-04-29 | WordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerability |
| CVE-2024-33585 | 2024-04-29 | WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 2.12.1 - Broken Access Control vulnerability |
| CVE-2024-27322 | 2024-04-29 | Deserialization of untrusted data can occur in the R statistical... |
| CVE-2024-1579 | 2024-04-29 | Insufficient seeding of random number generator |
| CVE-2024-1969 | 2024-04-29 | Heap buffer overflow |
| CVE-2023-48683 | 2024-04-29 | Sensitive information disclosure and manipulation due to missing authorization. The... |
| CVE-2023-48684 | 2024-04-29 | Sensitive information disclosure and manipulation due to missing authorization. The... |
| CVE-2024-34010 | 2024-04-29 | Local privilege escalation due to unquoted search path vulnerability. The... |
| CVE-2024-34011 | 2024-04-29 | Local privilege escalation due to insecure folder permissions. The following... |
| CVE-2024-0840 | 2024-04-29 | Grandstream UCM Series IP PBX HTTP Parameter Injection |
| CVE-2024-33522 | 2024-04-29 | Privilege escalation in Calico CNI install binary |
| CVE-2019-19753 | 2024-04-30 | SimpleMiningOS through v1259 ships with SSH host keys baked into... |
| CVE-2019-19754 | 2024-04-30 | HiveOS through 0.6-102@191212 ships with SSH host keys baked into... |
| CVE-2019-19755 | 2024-04-30 | ethOS through 1.3.3 ships with SSH host keys baked into... |
| CVE-2020-27478 | 2024-04-30 | Cross Site Scripting vulnerability found in Simplcommerce v.40734964b0811f3cbaf64b6dac261683d256f961 thru 3103357200c70b4767986544e01b19dbf11505a7... |
| CVE-2020-5200 | 2024-04-30 | Minerbabe through V4.16 ships with SSH host keys baked into... |
| CVE-2023-45385 | 2024-04-30 | ProQuality pqprintshippinglabels before v.4.15.0 is vulnerable to Directory Traversal via... |
| CVE-2023-46304 | 2024-04-30 | modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker... |
| CVE-2023-49473 | 2024-04-30 | Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0... |
| CVE-2023-50053 | 2024-04-30 | An issue in Foundation.app Foundation platform 1.0 allows a remote... |
| CVE-2023-50059 | 2024-04-30 | An issue ingalxe.com Galxe platform 1.0 allows a remote attacker... |
| CVE-2023-50914 | 2024-04-30 | A Privilege Escalation issue in the inter-process communication procedure from... |
| CVE-2024-22546 | 2024-04-30 | TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the... |
| CVE-2024-23772 | 2024-04-30 | An issue was discovered in Quest KACE Agent for Windows... |
| CVE-2024-23773 | 2024-04-30 | An issue was discovered in Quest KACE Agent for Windows... |
| CVE-2024-23774 | 2024-04-30 | An issue was discovered in Quest KACE Agent for Windows... |
| CVE-2024-26331 | 2024-04-30 | ReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on... |
| CVE-2024-28269 | 2024-04-30 | ReCrystallize Server 5.10.0.0 allows administrators to upload files to the... |
| CVE-2024-28716 | 2024-04-30 | An issue in OpenStack Storlets yoga-eom allows a remote attacker... |
| CVE-2024-29320 | 2024-04-30 | Wallos before 1.15.3 is vulnerable to SQL Injection via the... |
| CVE-2024-29384 | 2024-04-30 | An issue in CSS Exfil Protection v.1.1.0 allows a remote... |
| CVE-2024-31837 | 2024-04-30 | DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability,... |
| CVE-2024-33101 | 2024-04-30 | A stored cross-site scripting (XSS) vulnerability in the component /action/anti.php... |
| CVE-2024-33102 | 2024-04-30 | A stored cross-site scripting (XSS) vulnerability in the component /pubs/counter.php... |
| CVE-2024-33103 | 2024-04-30 | An arbitrary file upload vulnerability in the Media Manager component... |
| CVE-2024-33267 | 2024-04-30 | SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before allows... |
| CVE-2024-33270 | 2024-04-30 | An issue in FME Modules fileuploads v.2.0.3 and before and... |
| CVE-2024-33273 | 2024-04-30 | SQL injection vulnerability in shipup before v.3.3.0 allows a remote... |
| CVE-2024-33274 | 2024-04-30 | Directory Traversal vulnerability in FME Modules customfields v.2.2.7 and before... |
| CVE-2024-33275 | 2024-04-30 | SQL injection vulnerability in Webbax supernewsletter v.1.4.21 and before allows... |
| CVE-2024-33308 | 2024-04-30 | An issue in TVS Motor Company Limited TVS Connet Android... |
| CVE-2024-33309 | 2024-04-30 | An issue in TVS Motor Company Limited TVS Connet Android... |
| CVE-2024-33371 | 2024-04-30 | Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote... |
| CVE-2024-33383 | 2024-04-30 | Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows... |
| CVE-2024-33465 | 2024-04-30 | Cross Site Scripting vulnerability in MajorDoMo before v.0662e5e allows an... |
| CVE-2024-33831 | 2024-04-30 | A stored cross-site scripting (XSS) vulnerability in the Advanced Expectation... |
| CVE-2024-33832 | 2024-04-30 | OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery... |
| CVE-2024-34088 | 2024-04-30 | In FRRouting (FRR) through 9.1, it is possible for the... |
| CVE-2024-34149 | 2024-04-30 | In Bitcoin Core through 27.0 and Bitcoin Knots before 25.1.knots20231115,... |
| CVE-2019-19751 | 2024-04-30 | easyMINE before 2019-12-05 ships with SSH host keys baked into... |
| CVE-2019-19752 | 2024-04-30 | nvOC through 3.2 ships with SSH host keys baked into... |
| CVE-2023-50915 | 2024-04-30 | An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2... |
| CVE-2024-29466 | 2024-04-30 | Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9... |
| CVE-2024-33332 | 2024-04-30 | An issue discovered in SpringBlade 3.7.1 allows attackers to obtain... |
| CVE-2024-33436 | 2024-04-30 | An issue in CSS Exfil Protection v.1.1.0 allows a remote... |
| CVE-2024-33437 | 2024-04-30 | An issue in CSS Exfil Protection v.1.1.0 allows a remote... |
| CVE-2024-4327 | 2024-04-30 | Apryse WebViewer PDF Document cross site scripting |
| CVE-2024-4226 | 2024-04-30 | It was identified that in certain versions of Octopus Server,... |
| CVE-2024-0216 | 2024-04-30 | The Google Doc Embedder plugin for WordPress is vulnerable to... |
| CVE-2024-1371 | 2024-04-30 | The LeadConnector plugin for WordPress is vulnerable to unauthorized modification... |
| CVE-2024-4225 | 2024-04-30 | NGDIN_ST v2.0D.0062 - Multiple Vulnerabilities |
| CVE-2024-1895 | 2024-04-30 | The Event Monster – Event Management, Tickets Booking, Upcoming Event... |
| CVE-2024-3072 | 2024-04-30 | The ACF Front End Editor plugin for WordPress is vulnerable... |
| CVE-2024-4185 | 2024-04-30 | The Customer Email Verification for WooCommerce plugin for WordPress is... |
| CVE-2024-2663 | 2024-04-30 | The ZD YouTube FLV Player plugin for WordPress is vulnerable... |
| CVE-2024-4337 | 2024-04-30 | Múltiple vulnerabilities on Adive Framework |
| CVE-2024-4336 | 2024-04-30 | Múltiple vulnerabilities on Adive Framework |
| CVE-2024-22405 | 2024-04-30 | XADMaster may not apply quarantine attribute correctly to extracted files |
| CVE-2024-2377 | 2024-04-30 | A vulnerability exists in the too permissive HTTP response header... |
| CVE-2024-2617 | 2024-04-30 | A vulnerability exists in the RTU500 that allows for authenticated... |
| CVE-2024-2378 | 2024-04-30 | A vulnerability exists in the web-authentication component of the SDM600.... |
| CVE-2024-4340 | 2024-04-30 | Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. |
| CVE-2024-25575 | 2024-04-30 | A type confusion vulnerability vulnerability exists in the way Foxit... |
| CVE-2024-25648 | 2024-04-30 | A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997... |
| CVE-2024-25938 | 2024-04-30 | A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997... |
| CVE-2023-38002 | 2024-04-30 | IBM Storage Scale session fixation |
| CVE-2024-2877 | 2024-04-30 | Vault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node |
| CVE-2024-23463 | 2024-04-30 | Anti-Tampering bypass via Repair App functionality |
| CVE-2024-3411 | 2024-04-30 | Insufficient Randomness When Validating an IPMI Authenticated Session |