CVE List - 2024 / June
Showing 901 - 1000 of 3082 CVEs for June 2024 (Page 10 of 31)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-3850 | 2024-06-10 | Uniview NVR301-04S2-P4 Cross-site Scripting |
| CVE-2024-5597 | 2024-06-10 | Fuji Electric Monitouch V-SFT Type Confusion |
| CVE-2024-36409 | 2024-06-10 | SuiteCRM authenticated SQL Injection in TreeData entrypoint |
| CVE-2024-36410 | 2024-06-10 | SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller |
| CVE-2024-23299 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27792 | 2024-06-10 | This issue was addressed by adding an additional prompt for... |
| CVE-2022-32897 | 2024-06-10 | A memory corruption issue was addressed with improved validation. This... |
| CVE-2023-40389 | 2024-06-10 | The issue was addressed with improved restriction of data container... |
| CVE-2022-48683 | 2024-06-10 | An access issue was addressed with additional sandbox restrictions. This... |
| CVE-2022-32933 | 2024-06-10 | An information disclosure issue was addressed by removing the vulnerable... |
| CVE-2022-48578 | 2024-06-10 | An out-of-bounds read was addressed with improved bounds checking. This... |
| CVE-2024-36411 | 2024-06-10 | SuiteCRM authenticated SQL Injection in EmailUIAjax displayView controller |
| CVE-2024-36412 | 2024-06-10 | SuiteCRM unauthenticated SQL Injection |
| CVE-2024-36413 | 2024-06-10 | SuiteCRM authenticated Reflected Cross-Site Scripting |
| CVE-2024-36414 | 2024-06-10 | SuiteCRM authenticated Server-Side Request Forgery |
| CVE-2024-22279 | 2024-06-10 | GoRouter Denial of Service Attack |
| CVE-2024-36415 | 2024-06-10 | SuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code execution |
| CVE-2024-36417 | 2024-06-10 | SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame |
| CVE-2024-36416 | 2024-06-10 | SuiteCRM v4 API Excessive log data DOS |
| CVE-2024-36418 | 2024-06-10 | SuiteCRM authenticated RCE using connectors |
| CVE-2024-27848 | 2024-06-10 | This issue was addressed with improved permissions checking. This issue... |
| CVE-2024-27833 | 2024-06-10 | An integer overflow was addressed with improved input validation. This... |
| CVE-2024-27844 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27805 | 2024-06-10 | An issue was addressed with improved validation of environment variables.... |
| CVE-2024-27828 | 2024-06-10 | The issue was addressed with improved memory handling. This issue... |
| CVE-2024-23282 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27812 | 2024-06-10 | The issue was addressed with improvements to the file handling... |
| CVE-2024-27845 | 2024-06-10 | A privacy issue was addressed with improved handling of temporary... |
| CVE-2024-27832 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27808 | 2024-06-10 | The issue was addressed with improved memory handling. This issue... |
| CVE-2024-27799 | 2024-06-10 | This issue was addressed with additional entitlement checks. This issue... |
| CVE-2024-27815 | 2024-06-10 | An out-of-bounds write issue was addressed with improved input validation.... |
| CVE-2024-27819 | 2024-06-10 | The issue was addressed by restricting options offered on a... |
| CVE-2024-23251 | 2024-06-10 | An authentication issue was addressed with improved state management. This... |
| CVE-2024-27838 | 2024-06-10 | The issue was addressed by adding additional logic. This issue... |
| CVE-2024-27855 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27802 | 2024-06-10 | An out-of-bounds read was addressed with improved input validation. This... |
| CVE-2024-27814 | 2024-06-10 | This issue was addressed through improved state management. This issue... |
| CVE-2024-27801 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27817 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27840 | 2024-06-10 | The issue was addressed with improved memory handling. This issue... |
| CVE-2024-27820 | 2024-06-10 | The issue was addressed with improved memory handling. This issue... |
| CVE-2024-27836 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27800 | 2024-06-10 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2024-27857 | 2024-06-10 | An out-of-bounds access issue was addressed with improved bounds checking.... |
| CVE-2024-27831 | 2024-06-10 | An out-of-bounds write issue was addressed with improved input validation.... |
| CVE-2024-27885 | 2024-06-10 | This issue was addressed with improved validation of symlinks. This... |
| CVE-2024-27850 | 2024-06-10 | This issue was addressed with improvements to the noise injection... |
| CVE-2024-27807 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27811 | 2024-06-10 | The issue was addressed with improved checks. This issue is... |
| CVE-2024-27806 | 2024-06-10 | This issue was addressed with improved environment sanitization. This issue... |
| CVE-2024-27851 | 2024-06-10 | The issue was addressed with improved bounds checks. This issue... |
| CVE-2024-27830 | 2024-06-10 | This issue was addressed through improved state management. This issue... |
| CVE-2024-36419 | 2024-06-10 | SuiteCRM-Core Host Header Injection in /legacy |
| CVE-2024-32849 | 2024-06-10 | Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege... |
| CVE-2024-35241 | 2024-06-10 | Composer vulnerable to command injection via malicious git branch name |
| CVE-2024-36302 | 2024-06-10 | An origin validation vulnerability in the Trend Micro Apex One... |
| CVE-2024-36303 | 2024-06-10 | An origin validation vulnerability in the Trend Micro Apex One... |
| CVE-2024-36304 | 2024-06-10 | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One... |
| CVE-2024-36305 | 2024-06-10 | A security agent link following vulnerability in Trend Micro Apex... |
| CVE-2024-36306 | 2024-06-10 | A link following vulnerability in the Trend Micro Apex One... |
| CVE-2024-36307 | 2024-06-10 | A security agent link following vulnerability in Trend Micro Apex... |
| CVE-2024-36358 | 2024-06-10 | A link following vulnerability in Trend Micro Deep Security 20.x... |
| CVE-2024-36359 | 2024-06-10 | A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web... |
| CVE-2024-36473 | 2024-06-10 | Trend Micro VPN Proxy One Pro, version 5.8.1012 and below... |
| CVE-2024-37289 | 2024-06-10 | An improper access control vulnerability in Trend Micro Apex One... |
| CVE-2024-35242 | 2024-06-10 | Composer vulnerable to command injection via malicious git/hg branch names |
| CVE-2024-37166 | 2024-06-10 | ghtml Cross-Site Scripting (XSS) vulnerability |
| CVE-2024-37168 | 2024-06-10 | @grpc/grpc-js can allocate memory for incoming messages well above configured limits |
| CVE-2024-37169 | 2024-06-10 | @jmondi/url-to-png arbitrary file read via Playwright's screenshot feature exploiting file wrapper |
| CVE-2024-36471 | 2024-06-10 | Apache Allura: sensitive information exposure via DNS rebinding |
| CVE-2022-37019 | 2024-06-10 | HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows |
| CVE-2022-37020 | 2024-06-10 | HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows |
| CVE-2024-22244 | 2024-06-10 | Harbor Open Redirect URL |
| CVE-2024-22261 | 2024-06-10 | SQL Injection in Harbor scan log API |
| CVE-2024-26330 | 2024-06-11 | An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows.... |
| CVE-2024-34405 | 2024-06-11 | Improper deep link validation in McAfee Security: Antivirus VPN for... |
| CVE-2024-34406 | 2024-06-11 | Improper exception handling in McAfee Security: Antivirus VPN for Android... |
| CVE-2024-36650 | 2024-06-11 | TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129,... |
| CVE-2024-36702 | 2024-06-11 | libiec61850 v1.5 was discovered to contain a heap overflow via... |
| CVE-2024-36821 | 2024-06-11 | Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows... |
| CVE-2024-37130 | 2024-06-11 | Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a... |
| CVE-2024-37177 | 2024-06-11 | Cross-Site Scripting (XSS) vulnerabilities in SAP Financial Consolidation |
| CVE-2024-37178 | 2024-06-11 | Cross-Site Scripting (XSS) vulnerabilities in SAP Financial Consolidation |
| CVE-2023-6745 | 2024-06-11 | Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode |
| CVE-2024-5090 | 2024-06-11 | SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget |
| CVE-2024-0627 | 2024-06-11 | Custom Field Template <= 2.6.1 - Authenticated(Constibutor+) Stored Cross-Site Scripting via Custom Field Name |
| CVE-2023-6748 | 2024-06-11 | Custom Field Template <= 2.6.1 - Authenticated(Contributor+) Information Exposure |
| CVE-2024-0653 | 2024-06-11 | Custom Field Template <= 2.6.1 - Authenticated (Admin+) Stored Cross-Site Scritping |
| CVE-2024-2473 | 2024-06-11 | WPS Hide Login <= 1.9.15.2 - Login Page Disclosure |
| CVE-2024-34688 | 2024-06-11 | Denial of service (DOS) in SAP NetWeaver AS Java (Meta Model Repository) |
| CVE-2024-33001 | 2024-06-11 | Denial of service (DOS) in SAP NetWeaver and ABAP platform |
| CVE-2024-34683 | 2024-06-11 | Unrestricted file upload in SAP Document Builder (HTTP service) |
| CVE-2024-34686 | 2024-06-11 | Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI) |
| CVE-2024-37176 | 2024-06-11 | Missing Authorization check in SAP BW/4HANA Transformation and DTP |
| CVE-2024-34690 | 2024-06-11 | Missing Authorization check in SAP Student Life Cycle Management (SLcM) |
| CVE-2024-28164 | 2024-06-11 | Information Disclosure vulnerability in SAP NetWeaver AS Java (Guided Procedures) |
| CVE-2024-34684 | 2024-06-11 | Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Scheduling) |
| CVE-2024-34691 | 2024-06-11 | Missing Authorization check in SAP S/4HANA (Manage Incoming Payment Files) |
| CVE-2023-7264 | 2024-06-11 | Build App Online <= 1.0.21 - Account Takeover via Weak Password Reset Mechanism |