CVE List - 2024 / May
Showing 201 - 300 of 4997 CVEs for May 2024 (Page 3 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-27063 | 2024-05-01 | leds: trigger: netdev: Fix kernel panic on interface rename trig notify |
| CVE-2022-48669 | 2024-05-01 | powerpc/pseries: Fix potential memleak in papr_get_attr() |
| CVE-2023-52652 | 2024-05-01 | NTB: fix possible name leak in ntb_register_device() |
| CVE-2023-52653 | 2024-05-01 | SUNRPC: fix a memleak in gss_import_v2_context |
| CVE-2024-27064 | 2024-05-01 | netfilter: nf_tables: Fix a memory leak in nf_tables_updchain |
| CVE-2024-27065 | 2024-05-01 | netfilter: nf_tables: do not compare internal table flags on updates |
| CVE-2024-27066 | 2024-05-01 | virtio: packed: fix unmap leak for indirect desc table |
| CVE-2024-27067 | 2024-05-01 | xen/evtchn: avoid WARN() when unbinding an event channel |
| CVE-2024-27068 | 2024-05-01 | thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path |
| CVE-2024-27069 | 2024-05-01 | ovl: relax WARN_ON in ovl_verify_area() |
| CVE-2024-27070 | 2024-05-01 | f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault |
| CVE-2024-27071 | 2024-05-01 | backlight: hx8357: Fix potential NULL pointer dereference |
| CVE-2024-27072 | 2024-05-01 | media: usbtv: Remove useless locks in usbtv_video_free() |
| CVE-2024-27073 | 2024-05-01 | media: ttpci: fix two memleaks in budget_av_attach |
| CVE-2024-27074 | 2024-05-01 | media: go7007: fix a memleak in go7007_load_encoder |
| CVE-2024-27075 | 2024-05-01 | media: dvb-frontends: avoid stack overflow warnings with clang |
| CVE-2024-27076 | 2024-05-01 | media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak |
| CVE-2024-27077 | 2024-05-01 | media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity |
| CVE-2024-27078 | 2024-05-01 | media: v4l2-tpg: fix some memleaks in tpg_alloc |
| CVE-2024-27079 | 2024-05-01 | iommu/vt-d: Fix NULL domain on device release |
| CVE-2024-27080 | 2024-05-01 | btrfs: fix race when detecting delalloc ranges during fiemap |
| CVE-2024-27388 | 2024-05-01 | SUNRPC: fix some memleaks in gssx_dec_option_array |
| CVE-2024-27389 | 2024-05-01 | pstore: inode: Only d_invalidate() is needed |
| CVE-2024-27390 | 2024-05-01 | ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() |
| CVE-2024-27391 | 2024-05-01 | wifi: wilc1000: do not realloc workqueue everytime an interface is added |
| CVE-2024-27392 | 2024-05-01 | nvme: host: fix double-free of struct nvme_id_ns in ns_update_nuse() |
| CVE-2024-24978 | 2024-05-01 | Denial-of-service (DoS) vulnerability exists in TvRock 0.9t8a. Receiving a specially... |
| CVE-2024-24912 | 2024-05-01 | Local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file |
| CVE-2024-26304 | 2024-05-01 | There is a buffer overflow vulnerability in the underlying L2/L3... |
| CVE-2024-26305 | 2024-05-01 | There is a buffer overflow vulnerability in the underlying Utility... |
| CVE-2024-33511 | 2024-05-01 | There is a buffer overflow vulnerability in the underlying Automatic... |
| CVE-2024-33512 | 2024-05-01 | There is a buffer overflow vulnerability in the underlying Local... |
| CVE-2023-49606 | 2024-05-01 | A use-after-free vulnerability exists in the HTTP Connection Headers parsing... |
| CVE-2023-47166 | 2024-05-01 | A firmware update vulnerability exists in the luci2-io file-import functionality... |
| CVE-2023-47212 | 2024-05-01 | A heap-based buffer overflow vulnerability exists in the comment functionality... |
| CVE-2024-28893 | 2024-05-01 | Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary... |
| CVE-2024-33513 | 2024-05-01 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service... |
| CVE-2024-25015 | 2024-05-01 | IBM MQ denial of service |
| CVE-2024-23457 | 2024-05-01 | Anti-tampering can be disabled with uninstall password enforced |
| CVE-2024-33514 | 2024-05-01 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service... |
| CVE-2024-23480 | 2024-05-01 | Insecure MacOS code sign check fallback |
| CVE-2024-33515 | 2024-05-01 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service... |
| CVE-2024-33516 | 2024-05-01 | An unauthenticated Denial of Service (DoS) vulnerability exists in the... |
| CVE-2024-33517 | 2024-05-01 | An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency... |
| CVE-2024-33518 | 2024-05-01 | An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency... |
| CVE-2024-28764 | 2024-05-01 | IBM WebSphere Automation CSV injection |
| CVE-2024-20357 | 2024-05-01 | A vulnerability in the XML service of Cisco IP Phone... |
| CVE-2024-20378 | 2024-05-01 | A vulnerability in the web-based management interface of Cisco IP... |
| CVE-2024-20376 | 2024-05-01 | A vulnerability in the web-based management interface of Cisco IP... |
| CVE-2023-7241 | 2024-05-01 | Webroot Antivirus COM-Hijacking LPE |
| CVE-2024-29010 | 2024-05-01 | The XML document processed in the GMS ECM URL endpoint... |
| CVE-2024-29011 | 2024-05-01 | Use of hard-coded password in the GMS ECM endpoint leading... |
| CVE-2024-4142 | 2024-05-01 | JFrog Artifactory Improper input validation within token creation flow |
| CVE-2023-51631 | 2024-05-01 | D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-50685 | 2024-05-02 | An issue in Hipcam Cameras RealServer v.1.0 allows a remote... |
| CVE-2024-25290 | 2024-05-02 | An issue in Casa Systems NL1901ACV R6B032 allows a remote... |
| CVE-2024-29309 | 2024-05-02 | An issue in Alfresco Content Services v.23.3.0.7 allows a remote... |
| CVE-2024-31963 | 2024-05-02 | A vulnerability on Mitel 6800 Series and 6900 Series SIP... |
| CVE-2024-31964 | 2024-05-02 | A vulnerability on Mitel 6800 Series and 6900 Series SIP... |
| CVE-2024-31965 | 2024-05-02 | A vulnerability on Mitel 6800 Series and 6900 Series SIP... |
| CVE-2024-31966 | 2024-05-02 | A vulnerability on Mitel 6800 Series and 6900 Series SIP... |
| CVE-2024-31967 | 2024-05-02 | A vulnerability on Mitel 6800 Series and 6900 Series SIP... |
| CVE-2024-32359 | 2024-05-02 | An RBAC authorization risk in Carina v0.13.0 and earlier allows... |
| CVE-2024-33302 | 2024-05-02 | SourceCodester Product Show Room 1.0 and before is vulnerable to... |
| CVE-2024-33303 | 2024-05-02 | SourceCodester Product Show Room 1.0 is vulnerable to Cross Site... |
| CVE-2024-33394 | 2024-05-02 | An issue in kubevirt kubevirt v1.2.0 and before allows a... |
| CVE-2024-33396 | 2024-05-02 | An issue in karmada-io karmada v1.9.0 and before allows a... |
| CVE-2024-33305 | 2024-05-02 | SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site... |
| CVE-2024-33530 | 2024-05-02 | In Jitsi Meet before 9391, a logic flaw in password-protected... |
| CVE-2024-2405 | 2024-05-02 | Float menu < 6.0.1 - Menu Deletion via CSRF |
| CVE-2024-3471 | 2024-05-02 | Button Generator < 3.0 - Button Deletion via CSRF |
| CVE-2024-3472 | 2024-05-02 | Modal Window < 5.3.10 - Modal Deletion via CSRF |
| CVE-2024-3474 | 2024-05-02 | Wow Skype Buttons < 4.0.4 - Button Deletion via CSRF |
| CVE-2024-3475 | 2024-05-02 | Sticky Buttons < 3.2.4 - Button Deletion via CSRF |
| CVE-2024-3476 | 2024-05-02 | Side Menu Lite < 4.2.1 - Menu Deletion via CSRF |
| CVE-2024-3477 | 2024-05-02 | Popup Box < 2.2.7 - Popup Deletion via CSRF |
| CVE-2024-3478 | 2024-05-02 | Herd Effects < 5.2.7 - Effect Deletion via CSRF |
| CVE-2024-3481 | 2024-05-02 | Counter Box < 1.2.4 - Counter Deletion via CSRF |
| CVE-2024-32971 | 2024-05-02 | Defect in query plan cache may cause incorrect operations to be executed in Apollo Router |
| CVE-2024-32962 | 2024-05-02 | XML signature verification bypass due improper verification of signature / signature spoofing |
| CVE-2024-3490 | 2024-05-02 | The WP Recipe Maker plugin for WordPress is vulnerable to... |
| CVE-2024-32882 | 2024-05-02 | Permission check bypass when editing a model with per-field restrictions in wagtail |
| CVE-2024-3280 | 2024-05-02 | The Follow Us Badges plugin for WordPress is vulnerable to... |
| CVE-2024-32114 | 2024-05-02 | Apache ActiveMQ: Jolokia and REST API were not secured with default configuration |
| CVE-2024-3883 | 2024-05-02 | The 3D FlipBook plugin for WordPress is vulnerable to Stored... |
| CVE-2024-32638 | 2024-05-02 | Apache APISIX: Forward-Auth Request Smuggling |
| CVE-2024-3955 | 2024-05-02 | Arbitrary code execution in CraftBeerPi 4 |
| CVE-2024-33913 | 2024-05-02 | WordPress Xserver Migrator plugin <= 1.6.1 - CSRF to Arbitrary File Upload vulnerability |
| CVE-2024-33930 | 2024-05-02 | WordPress Share This Image plugin <= 1.97 - Open Redirection vulnerability |
| CVE-2024-3005 | 2024-05-02 | The LA-Studio Element Kit for Elementor plugin for WordPress is... |
| CVE-2024-33922 | 2024-05-02 | WordPress WP Media Cleaner plugin <= 6.7.2 - Sensitive Data Exposure via Log File vulnerability |
| CVE-2024-33911 | 2024-05-02 | WordPress The School Management Pro plugin <= 10.3.4 - SQL Injection vulnerability |
| CVE-2024-33938 | 2024-05-02 | WordPress Sliding Widgets plugin <= 1.5.0 - Broken Access Control to XSS vulnerability |
| CVE-2024-33955 | 2024-05-02 | WordPress Freesia Empire theme <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-33954 | 2024-05-02 | WordPress Pliska theme <= 0.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-33953 | 2024-05-02 | WordPress Adventure Journal theme <= 1.7.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-33952 | 2024-05-02 | WordPress Unique theme <= 0.3.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-33956 | 2024-05-02 | WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerability |
| CVE-2024-33944 | 2024-05-02 | WordPress WooCommerce AWeber Newsletter Subscription plugin <= 4.0.2 - Unauthenticated Access Token Change/Reset vulnerability |
| CVE-2024-33942 | 2024-05-02 | WordPress Google Typography plugin <= 1.1.2 - Broken Access Control vulnerability |