CVE List - 2024 / May
Showing 1501 - 1600 of 4997 CVEs for May 2024 (Page 16 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-21480 | 2024-05-06 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio |
| CVE-2024-23351 | 2024-05-06 | Improper Access Control in Graphics Linux |
| CVE-2024-23354 | 2024-05-06 | Use After Free in Graphics Linux |
| CVE-2024-32982 | 2024-05-06 | Litestar and Starlite affected by Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| CVE-2024-34064 | 2024-05-06 | Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter |
| CVE-2024-34069 | 2024-05-06 | Werkzeug's improper usage of a pathname and improper CSRF protection results in the remote command execution |
| CVE-2024-34078 | 2024-05-06 | html-sanitizer allows arbitrary HTML present after sanitization because of unicode normalization |
| CVE-2024-32807 | 2024-05-06 | WordPress Brevo for WooCommerce plugin <= 4.0.17 - Arbitrary File Download and Deletion vulnerability |
| CVE-2024-34388 | 2024-05-06 | WordPress GDPR Compliance plugin <= 1.2.5 - Sensitive Data Exposure vulnerability |
| CVE-2024-34383 | 2024-05-06 | WordPress SEOPress plugin <= 7.7.1 - Sensitive Data Exposure vulnerability |
| CVE-2024-34382 | 2024-05-06 | WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.18 - Sensitive Data Exposure vulnerability |
| CVE-2024-34368 | 2024-05-06 | WordPress Mooberry Book Manager plugin <= 4.15.12 - Sensitive Data Exposure vulnerability |
| CVE-2024-34412 | 2024-05-06 | WordPress ParcelPanel plugin <= 3.8.1 - Auth. SQL Injection vulnerability |
| CVE-2024-34386 | 2024-05-06 | WordPress Auto Affiliate Links plugin <= 6.4.3.1 - SQL Injection vulnerability |
| CVE-2024-34367 | 2024-05-06 | WordPress Popup Box plugin <= 4.1.2 - CSRF to XSS vulnerability |
| CVE-2024-34379 | 2024-05-06 | WordPress Restaurant and Cafe theme <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-34390 | 2024-05-06 | WordPress Post Grid Master plugin <= 3.4.8 - Auth. Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34381 | 2024-05-06 | WordPress PropertyHive plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34380 | 2024-05-06 | WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34376 | 2024-05-06 | WordPress Edge theme <= 2.0.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34375 | 2024-05-06 | WordPress Sheets to WP Table Live Sync plugin <= 3.7.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34374 | 2024-05-06 | WordPress ElementsReady Addons for Elementor plugin <= 5.8.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34373 | 2024-05-06 | WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-3661 | 2024-05-06 | DHCP routing options can manipulate interface-based VPN traffic |
| CVE-2024-34369 | 2024-05-06 | WordPress Web Push Notifications – Webpushr plugin <= 4.35.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34366 | 2024-05-06 | WordPress AltText.ai plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-34389 | 2024-05-06 | WordPress WP Post Author plugin <= 3.6.4 - Broken Access Control vulnerability |
| CVE-2024-34387 | 2024-05-06 | WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability |
| CVE-2024-34378 | 2024-05-06 | WordPress LeadConnector plugin <= 1.7 - API Broken Access Control vulnerability |
| CVE-2024-34377 | 2024-05-06 | WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery plugin <= 1.5.3 - Broken Access Control vulnerability |
| CVE-2024-34372 | 2024-05-06 | WordPress Post Grid Master plugin <= 3.4.7 - Broken Access Control vulnerability |
| CVE-2024-34371 | 2024-05-06 | WordPress Login with phone number plugin <= 1.7.18 - Broken Access Control vulnerability |
| CVE-2024-33912 | 2024-05-06 | WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control on Paid Courses vulnerability |
| CVE-2024-33910 | 2024-05-06 | WordPress Digital Publications by Supsystic plugin <= 1.7.7 - Broken Access Control vulnerability |
| CVE-2024-33908 | 2024-05-06 | WordPress WidgetKit plugin <= 2.5.0 - Broken Access Control vulnerability |
| CVE-2024-33907 | 2024-05-06 | WordPress Print My Blog plugin <= 3.26.2 - Broken Access Control vulnerability |
| CVE-2024-33599 | 2024-05-06 | nscd: Stack-based buffer overflow in netgroup cache |
| CVE-2024-33600 | 2024-05-06 | nscd: Null pointer crashes after notfound response |
| CVE-2024-33601 | 2024-05-06 | nscd: netgroup cache may terminate daemon on memory allocation failure |
| CVE-2024-33602 | 2024-05-06 | nscd: netgroup cache assumes NSS callback uses in-buffer strings |
| CVE-2024-33576 | 2024-05-06 | WordPress WPPizza plugin <= 3.18.10 - Broken Access Control vulnerability |
| CVE-2024-33570 | 2024-05-06 | WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability |
| CVE-2024-4568 | 2024-05-06 | Stack overflow in Xpdf 4.05 due to object loop in PDF resources |
| CVE-2024-34413 | 2024-05-06 | WordPress SliceWP Affiliates plugin <= 1.1.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-1695 | 2024-05-06 | A potential security vulnerability has been identified in the HP... |
| CVE-2024-29941 | 2024-05-06 | Credential Cloning |
| CVE-2024-2913 | 2024-05-06 | Race Condition Vulnerability in mintplex-labs/anything-llm |
| CVE-2024-25507 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25508 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25509 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25510 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25511 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25512 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25513 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-25514 | 2024-05-07 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL... |
| CVE-2024-29149 | 2024-05-07 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through... |
| CVE-2024-29150 | 2024-05-07 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through... |
| CVE-2024-32369 | 2024-05-07 | SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through... |
| CVE-2024-32370 | 2024-05-07 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18... |
| CVE-2024-32371 | 2024-05-07 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18... |
| CVE-2024-33120 | 2024-05-07 | Roothub v2.5 was discovered to contain an arbitrary file upload... |
| CVE-2024-33122 | 2024-05-07 | Roothub v2.6 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33124 | 2024-05-07 | Roothub v2.6 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33139 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33144 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33147 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33148 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33149 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33153 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33155 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33161 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33434 | 2024-05-07 | An issue in tiagorlampert CHAOS before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows... |
| CVE-2024-33748 | 2024-05-07 | Cross-site scripting (XSS) vulnerability in the search function in Maven... |
| CVE-2024-33780 | 2024-05-07 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via... |
| CVE-2024-33781 | 2024-05-07 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via... |
| CVE-2024-33783 | 2024-05-07 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via... |
| CVE-2024-33856 | 2024-05-07 | An issue was discovered in Logpoint before 7.4.0. An attacker... |
| CVE-2024-33857 | 2024-05-07 | An issue was discovered in Logpoint before 7.4.0. Due to... |
| CVE-2024-33858 | 2024-05-07 | An issue was discovered in Logpoint before 7.4.0. A path... |
| CVE-2024-33859 | 2024-05-07 | An issue was discovered in Logpoint before 7.4.0. HTML code... |
| CVE-2024-33860 | 2024-05-07 | An issue was discovered in Logpoint before 7.4.0. It allows... |
| CVE-2024-34315 | 2024-05-07 | CmsEasy v7.7.7.9 was discovered to contain a local file inclusion... |
| CVE-2024-34397 | 2024-05-07 | An issue was discovered in GNOME GLib before 2.78.5, and... |
| CVE-2024-34523 | 2024-05-07 | AChecker 1.5 allows remote attackers to read the contents of... |
| CVE-2023-42757 | 2024-05-07 | Process Explorer before 17.04 allows attackers to make it functionally... |
| CVE-2023-46012 | 2024-05-07 | Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker... |
| CVE-2024-33146 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33164 | 2024-05-07 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-33782 | 2024-05-07 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via... |
| CVE-2024-34314 | 2024-05-07 | CmsEasy v7.7.7.9 was discovered to contain a local file inclusion... |
| CVE-2024-34517 | 2024-05-07 | The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE... |
| CVE-2024-20821 | 2024-05-07 | A vulnerability possible to reconfigure OTP allows local attackers to... |
| CVE-2024-20856 | 2024-05-07 | Improper Authentication vulnerability in Secure Folder prior to SMR May-2024... |
| CVE-2024-20857 | 2024-05-07 | Improper access control vulnerability in startListening of CocktailBarService prior to... |
| CVE-2024-20858 | 2024-05-07 | Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to... |
| CVE-2024-20859 | 2024-05-07 | Improper access control vulnerability in FactoryCamera prior to SMR May-2024... |
| CVE-2024-20860 | 2024-05-07 | Improper export of android application components vulnerability in TelephonyUI prior... |
| CVE-2024-20861 | 2024-05-07 | Use after free vulnerability in SveService prior to SMR May-2024... |
| CVE-2024-20862 | 2024-05-07 | Out-of-bounds write in SveService prior to SMR May-2024 Release 1... |
| CVE-2024-20863 | 2024-05-07 | Out of bounds write vulnerability in SNAP in HAL prior... |