CVE List - 2024 / May
Showing 4601 - 4700 of 4997 CVEs for May 2024 (Page 47 of 50)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-22187 | 2024-05-28 | A write-what-where vulnerability exists in the Programming Software Connection Remote... |
| CVE-2024-24962 | 2024-05-28 | A stack-based buffer overflow vulnerability exists in the Programming Software... |
| CVE-2024-24963 | 2024-05-28 | A stack-based buffer overflow vulnerability exists in the Programming Software... |
| CVE-2024-24954 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24955 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24956 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24957 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24958 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24959 | 2024-05-28 | Several out-of-bounds write vulnerabilities exist in the Programming Software Connection... |
| CVE-2024-24946 | 2024-05-28 | A heap-based buffer overflow vulnerability exists in the Programming Software... |
| CVE-2024-24947 | 2024-05-28 | A heap-based buffer overflow vulnerability exists in the Programming Software... |
| CVE-2024-24851 | 2024-05-28 | A heap-based buffer overflow vulnerability exists in the Programming Software... |
| CVE-2024-35621 | 2024-05-28 | A cross-site scripting (XSS) vulnerability in the Edit function of... |
| CVE-2024-33799 | 2024-05-28 | A SQL injection vulnerability in /model/get_teacher.php in campcodes Complete Web-Based... |
| CVE-2024-33800 | 2024-05-28 | A SQL injection vulnerability in /model/get_student1.php in campcodes Complete Web-Based... |
| CVE-2024-33801 | 2024-05-28 | A SQL injection vulnerability in /model/get_subject_routing.php in campcodes Complete Web-Based... |
| CVE-2024-33802 | 2024-05-28 | A SQL injection vulnerability in /model/get_student_subject.php in campcodes Complete Web-Based... |
| CVE-2024-33803 | 2024-05-28 | A SQL injection vulnerability in /model/get_exam.php in campcodes Complete Web-Based... |
| CVE-2024-33804 | 2024-05-28 | A SQL injection vulnerability in /model/get_subject.php in campcodes Complete Web-Based... |
| CVE-2024-33805 | 2024-05-28 | A SQL injection vulnerability in /model/get_student.php in campcodes Complete Web-Based... |
| CVE-2024-33806 | 2024-05-28 | A SQL injection vulnerability in /model/get_grade.php in campcodes Complete Web-Based... |
| CVE-2024-33807 | 2024-05-28 | A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based... |
| CVE-2024-33808 | 2024-05-28 | A SQL injection vulnerability in /model/get_timetable.php in campcodes Complete Web-Based... |
| CVE-2024-36472 | 2024-05-28 | In GNOME Shell through 45.7, a portal helper can be... |
| CVE-2024-22590 | 2024-05-28 | The TLS engine in Kwik commit 745fd4e2 does not track... |
| CVE-2024-30212 | 2024-05-28 | Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command |
| CVE-2024-35403 | 2024-05-28 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow... |
| CVE-2024-35401 | 2024-05-28 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection... |
| CVE-2024-34852 | 2024-05-28 | F-logic DataCube3 v1.0 is affected by command injection due to... |
| CVE-2024-34854 | 2024-05-28 | F-logic DataCube3 v1.0 is vulnerable to File Upload via `/admin/transceiver_schedule.php.` |
| CVE-2024-26024 | 2024-05-28 | SUBNET Substation Server Reliance on Insufficiently Trustworthy Component |
| CVE-2024-35563 | 2024-05-28 | CDG-Server-V5.6.2.126.139 and earlier was discovered to contain a SQL injection... |
| CVE-2024-30164 | 2024-05-28 | Amazon AWS Client VPN has a buffer overflow that could... |
| CVE-2024-30165 | 2024-05-28 | Amazon AWS Client VPN before 3.9.1 on macOS has a... |
| CVE-2024-35343 | 2024-05-28 | Certain Anpviz products allow unauthenticated users to download arbitrary files... |
| CVE-2024-35342 | 2024-05-28 | Certain Anpviz products allow unauthenticated users to modify or disable... |
| CVE-2024-35341 | 2024-05-28 | Certain Anpviz products allow unauthenticated users to download the running... |
| CVE-2024-35344 | 2024-05-28 | Certain Anpviz products contain a hardcoded cryptographic key stored in... |
| CVE-2024-33402 | 2024-05-28 | A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based... |
| CVE-2023-43842 | 2024-05-28 | Incorrect access control in the account management function of web... |
| CVE-2023-43843 | 2024-05-28 | Incorrect access control in the account management function of web... |
| CVE-2023-43844 | 2024-05-28 | Aten PE6208 2.3.228 and 2.4.232 have default credentials for the... |
| CVE-2023-43845 | 2024-05-28 | Aten PE6208 2.3.228 and 2.4.232 have default credentials for the... |
| CVE-2023-43846 | 2024-05-28 | Incorrect access control in logs management function of web interface... |
| CVE-2023-43847 | 2024-05-28 | Incorrect access control in the outlet control function of web... |
| CVE-2023-43848 | 2024-05-28 | Incorrect access control in the firewall management function of web... |
| CVE-2023-43849 | 2024-05-28 | Incorrect access control in firmware upgrade function of web interface... |
| CVE-2023-43850 | 2024-05-28 | Improper input validation in the user management function of web... |
| CVE-2024-24919 | 2024-05-28 | Information disclosure |
| CVE-2024-36110 | 2024-05-28 | Cross-site scripting in ansibleguy-webui |
| CVE-2024-5433 | 2024-05-28 | Path Traversal in Campbell Scientific CSI Web Server and RTMC |
| CVE-2024-36109 | 2024-05-28 | Cross-site Scripting with Markdown rendering in CoCalc |
| CVE-2024-5434 | 2024-05-28 | Weak Encoding for Password vulnerability in Campbell Scientific CSI Web Server and RTMC |
| CVE-2024-36107 | 2024-05-28 | Information disclosure in minio |
| CVE-2024-33450 | 2024-05-28 | SQL Injection in Finereport v.8.0 allows a remote attacker to... |
| CVE-2023-30311 | 2024-05-28 | An issue discovered in H3C Magic R365 and H3C Magic... |
| CVE-2023-30305 | 2024-05-28 | An issue discovered in Linksys E5600 routers allows attackers to... |
| CVE-2023-46694 | 2024-05-28 | Vtenext 21.02 allows an authenticated attacker to upload arbitrary files,... |
| CVE-2022-45171 | 2024-05-28 | An issue was discovered in LIVEBOX Collaboration vDesk through v018.... |
| CVE-2023-30307 | 2024-05-28 | An issue discovered in TP-LINK TL-R473GP-AC, TP-LINK XDR6020, TP-LINK TL-R479GP-AC,... |
| CVE-2024-35510 | 2024-05-28 | An arbitrary file upload vulnerability in /dede/file_manage_control.php of DedeCMS v5.7.114... |
| CVE-2024-28061 | 2024-05-28 | An issue was discovered in Apiris Kafeo 6.4.4. It permits... |
| CVE-2023-30308 | 2024-05-28 | An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR,... |
| CVE-2024-35582 | 2024-05-28 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System... |
| CVE-2023-30309 | 2024-05-28 | An issue discovered in D-Link DI-7003GV2 routers allows attackers to... |
| CVE-2024-35581 | 2024-05-28 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System... |
| CVE-2024-35583 | 2024-05-28 | A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System... |
| CVE-2023-30310 | 2024-05-28 | An issue discovered in Comfast Comfast CF-616AC routers allows attackers... |
| CVE-2023-30306 | 2024-05-28 | An issue discovered in Mercury x30g, Mercury YR1800XG routers allows... |
| CVE-2024-28060 | 2024-05-28 | An issue was discovered in Apiris Kafeo 6.4.4. It permits... |
| CVE-2023-30313 | 2024-05-28 | An issue discovered in Wavlink QUANTUM D2G routers allows attackers... |
| CVE-2024-35239 | 2024-05-28 | Stored Cross-site Scripting on Components of Umbraco Forms |
| CVE-2024-35240 | 2024-05-28 | Stored Cross-site Scripting on Print Functionality in Umbraco Commerce |
| CVE-2024-22641 | 2024-05-28 | TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular... |
| CVE-2024-35548 | 2024-05-28 | A SQL injection vulnerability in Mybatis plus versions below 3.5.6... |
| CVE-2024-35511 | 2024-05-28 | phpgurukul Men Salon Management System v2.0 is vulnerable to SQL... |
| CVE-2024-35226 | 2024-05-28 | PHP Code Injection by malicious attribute in extends-tag in Smarty |
| CVE-2024-23579 | 2024-05-28 | HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions |
| CVE-2024-23580 | 2024-05-28 | HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs) |
| CVE-2023-30314 | 2024-05-28 | An issue discovered in 360 V6G, 360 T5G, 360 T6M,... |
| CVE-2024-36112 | 2024-05-28 | Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects |
| CVE-2024-5437 | 2024-05-28 | SourceCodester Simple Online Bidding System save_category cross site scripting |
| CVE-2024-36427 | 2024-05-29 | The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT... |
| CVE-2024-5204 | 2024-05-29 | Swiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication Bypass |
| CVE-2024-5150 | 2024-05-29 | Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check |
| CVE-2024-0434 | 2024-05-29 | WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly <= 1.7.1 - Missing Authorization via ttbm_new_place_save |
| CVE-2023-6743 | 2024-05-29 | Unlimited Elements for Elementor <= 1.5.89 - Authenticated(Contributor+) Remote Code Execution via template import |
| CVE-2024-4611 | 2024-05-29 | AppPresser <= 4.3.2 - Improper Missing Encryption Exception Handling to Authentication Bypass |
| CVE-2024-21512 | 2024-05-29 | Versions of the package mysql2 before 3.9.8 are vulnerable to... |
| CVE-2024-4419 | 2024-05-29 | Fetch JFT <= 1.8.3 - Authenticated (Administrator+) Stored Cross-Site Scripting |
| CVE-2024-3050 | 2024-05-29 | Site Reviews < 7.0.0 - IP Spoofing |
| CVE-2024-3921 | 2024-05-29 | Gianism <= 5.1.0 - Admin+ Stored XSS |
| CVE-2024-3937 | 2024-05-29 | Playlist for Youtube <= 1.32 - Editor+ Stored XSS |
| CVE-2024-36014 | 2024-05-29 | drm/arm/malidp: fix a possible null pointer dereference |
| CVE-2024-5086 | 2024-05-29 | Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget |
| CVE-2024-36015 | 2024-05-29 | ppdev: Add an error check in register_device |
| CVE-2024-3412 | 2024-05-29 | WP STAGING WordPress Backup Plugin – Migration Backup Restore <= 3.4.3 - Authenticated (Admin+) Arbitrary File Upload |
| CVE-2024-28826 | 2024-05-29 | Unrestricted upload and download paths in check_sftp |
| CVE-2023-52881 | 2024-05-29 | tcp: do not accept ACK of bytes we never sent |
| CVE-2024-27313 | 2024-05-29 | XSS Vulnerability |