CVE List - 2024 / May
Showing 501 - 600 of 4994 CVEs for May 2024 (Page 6 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-31673 | 2024-05-03 | Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter. |
| CVE-2024-33398 | 2024-05-03 | There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and... |
| CVE-2024-33786 | 2024-05-03 | An arbitrary file upload vulnerability in Zhongcheng Kexin Ticketing Management Platform 20.04 allows attackers to execute arbitrary code via uploading a crafted file. |
| CVE-2024-33787 | 2024-05-03 | Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuser_Number parameter at search_user.aspx. |
| CVE-2024-33789 | 2024-05-03 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint. |
| CVE-2024-33791 | 2024-05-03 | A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function. |
| CVE-2024-33792 | 2024-05-03 | netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page. |
| CVE-2024-33793 | 2024-05-03 | netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page. |
| CVE-2024-34401 | 2024-05-03 | Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter. |
| CVE-2024-34408 | 2024-05-03 | Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. |
| CVE-2024-34446 | 2024-05-03 | Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a hard failure to create a tunnel), and thus DNS traffic can leave... |
| CVE-2024-34449 | 2024-05-03 | Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the vendor indicates that a user is supposed to mitigate this via sanitize=true. |
| CVE-2024-34453 | 2024-05-03 | TwoNav 2.1.13 contains an SSRF vulnerability via the url parameter to index.php?c=api&method=read_data&type=connectivity_test (which reaches /system/api.php). |
| CVE-2024-34455 | 2024-05-03 | Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2. |
| CVE-2024-28519 | 2024-05-03 | A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users. |
| CVE-2024-33844 | 2024-05-03 | The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows an attacker to cut off the connection between a controller and the drone... |
| CVE-2024-34402 | 2024-05-03 | An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow. |
| CVE-2024-34403 | 2024-05-03 | An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string. |
| CVE-2024-34404 | 2024-05-03 | A vulnerability was discovered in the Alta Recovery Vault feature of Veritas NetBackup before 10.4 and NetBackup Appliance before 5.4. By design, only the cloud administrator should be able to... |
| CVE-2024-34447 | 2024-05-03 | An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 (ships with BC Java 1.78, BC Java (LTS) 2.73.6) and before BC FIPS... |
| CVE-2024-34032 | 2024-05-03 | SQL Injection in Delta Electronics DIAEnergie |
| CVE-2024-34031 | 2024-05-03 | SQL Injection vulnerability in Delta Electronics DIAEnergie |
| CVE-2024-34033 | 2024-05-03 | Path Traversal vulnerability in Delta Electronics DIAEnergie |
| CVE-2023-41222 | 2024-05-03 | D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-27322 | 2024-05-03 | Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability |
| CVE-2023-27323 | 2024-05-03 | Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| CVE-2023-27324 | 2024-05-03 | Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability |
| CVE-2023-27325 | 2024-05-03 | Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability |
| CVE-2023-27326 | 2024-05-03 | Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability |
| CVE-2023-27327 | 2024-05-03 | Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| CVE-2023-27328 | 2024-05-03 | Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability |
| CVE-2023-27329 | 2024-05-03 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-27330 | 2024-05-03 | Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-27331 | 2024-05-03 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-27332 | 2024-05-03 | TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-27333 | 2024-05-03 | TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-27334 | 2024-05-03 | Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability |
| CVE-2023-27335 | 2024-05-03 | Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability |
| CVE-2023-27336 | 2024-05-03 | Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability |
| CVE-2023-27337 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-27338 | 2024-05-03 | PDF-XChange Editor TIF File Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-27339 | 2024-05-03 | PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27340 | 2024-05-03 | PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27341 | 2024-05-03 | PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27342 | 2024-05-03 | PDF-XChange Editor EMF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| CVE-2023-27343 | 2024-05-03 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27344 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27345 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-27346 | 2024-05-03 | TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-27347 | 2024-05-03 | G DATA Total Security Link Following Local Privilege Escalation Vulnerability |
| CVE-2023-27348 | 2024-05-03 | PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-27349 | 2024-05-03 | BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability |
| CVE-2023-27356 | 2024-05-03 | NETGEAR RAX30 logCtrl Command Injection Remote Code Execution Vulnerability |
| CVE-2023-27357 | 2024-05-03 | NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability |
| CVE-2023-27358 | 2024-05-03 | NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability |
| CVE-2023-27359 | 2024-05-03 | TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability |
| CVE-2023-27360 | 2024-05-03 | NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability |
| CVE-2023-27361 | 2024-05-03 | NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-27362 | 2024-05-03 | 3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability |
| CVE-2023-27363 | 2024-05-03 | Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability |
| CVE-2023-27364 | 2024-05-03 | Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability |
| CVE-2023-27365 | 2024-05-03 | Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability |
| CVE-2023-27366 | 2024-05-03 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-27367 | 2024-05-03 | NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability |
| CVE-2023-27368 | 2024-05-03 | NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability |
| CVE-2023-27369 | 2024-05-03 | NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerability |
| CVE-2023-27370 | 2024-05-03 | NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability |
| CVE-2023-32131 | 2024-05-03 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32132 | 2024-05-03 | Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32133 | 2024-05-03 | Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32134 | 2024-05-03 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-32135 | 2024-05-03 | Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-32136 | 2024-05-03 | D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32137 | 2024-05-03 | D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability |
| CVE-2023-32138 | 2024-05-03 | D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32139 | 2024-05-03 | D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32140 | 2024-05-03 | D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32141 | 2024-05-03 | D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32142 | 2024-05-03 | D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32143 | 2024-05-03 | D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability |
| CVE-2023-32144 | 2024-05-03 | D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32145 | 2024-05-03 | D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability |
| CVE-2023-32146 | 2024-05-03 | D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32147 | 2024-05-03 | D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability |
| CVE-2023-32148 | 2024-05-03 | D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability |
| CVE-2023-32149 | 2024-05-03 | D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-32150 | 2024-05-03 | D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability |
| CVE-2023-32151 | 2024-05-03 | D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability |
| CVE-2023-32152 | 2024-05-03 | D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability |
| CVE-2023-32153 | 2024-05-03 | D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability |
| CVE-2023-32154 | 2024-05-03 | Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32155 | 2024-05-03 | Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability |
| CVE-2023-32156 | 2024-05-03 | Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability |
| CVE-2023-32157 | 2024-05-03 | Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability |
| CVE-2023-32158 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32159 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32160 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32161 | 2024-05-03 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-32164 | 2024-05-03 | D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability |
| CVE-2023-32165 | 2024-05-03 | D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability |