CVE List - 2024 / June
Showing 1001 - 1100 of 3082 CVEs for June 2024 (Page 11 of 31)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-29855 | 2024-06-11 | Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator |
| CVE-2024-36360 | 2024-06-11 | OS command injection vulnerability exists in awkblog v0.0.1 (commit hash:7b761b192d0e0dc3eef0f30630e00ece01c8d552)... |
| CVE-2024-31400 | 2024-06-11 | Insertion of sensitive information into sent data issue exists in... |
| CVE-2024-31401 | 2024-06-11 | Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows... |
| CVE-2024-31403 | 2024-06-11 | Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows... |
| CVE-2024-31404 | 2024-06-11 | Insertion of sensitive information into sent data issue exists in... |
| CVE-2024-5530 | 2024-06-11 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Product Horizontal Filter Widget |
| CVE-2024-31398 | 2024-06-11 | Insertion of sensitive information into sent data issue exists in... |
| CVE-2024-31402 | 2024-06-11 | Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows... |
| CVE-2024-4319 | 2024-06-11 | Advanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information Disclosure |
| CVE-2024-3723 | 2024-06-11 | Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure |
| CVE-2024-31399 | 2024-06-11 | Excessive platform resource consumption within a loop issue exists in... |
| CVE-2024-31397 | 2024-06-11 | Improper handling of extra values issue exists in Cybozu Garoon... |
| CVE-2024-3549 | 2024-06-11 | Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection |
| CVE-2020-11843 | 2024-06-11 | Potential information leakage in administrator enabled debug mode |
| CVE-2024-4266 | 2024-06-11 | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure |
| CVE-2024-5531 | 2024-06-11 | Ocean Extra <= 2.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flickr Widget |
| CVE-2023-25799 | 2024-06-11 | WordPress Tutor LMS plugin <= 2.1.8 - Multiple Broken Access Control vulnerabilities |
| CVE-2023-28775 | 2024-06-11 | WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability |
| CVE-2023-33922 | 2024-06-11 | WordPress Elementor plugin <= 3.13.2 - Broken Access Control vulnerability |
| CVE-2024-35716 | 2024-06-11 | WordPress Copymatic plugin <= 1.9 - Broken Access Control vulnerability |
| CVE-2024-35692 | 2024-06-11 | WordPress GDPR/CCPA Cookie Consent Banner plugin <= 3.2 - Broken Access Control vulnerability |
| CVE-2023-52186 | 2024-06-11 | WordPress WooCommerce Product Vendors plugin <= 2.2.2 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-24704 | 2024-06-11 | WordPress Load More Anything plugin <= 3.3.3 - Broken Access Control vulnerability |
| CVE-2023-52217 | 2024-06-11 | WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability |
| CVE-2024-34824 | 2024-06-11 | WordPress SportsPress – Sports Club & League Manager plugin <= 2.7.20 - Broken Access Control vulnerability |
| CVE-2024-5584 | 2024-06-11 | WordPress Online Booking and Scheduling Plugin – Bookly <= 23.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Color Profile Parameter |
| CVE-2024-5829 | 2024-06-11 | smallweigit Avue avueUeditor cross site scripting |
| CVE-2024-34813 | 2024-06-11 | WordPress WooCommerce Wishlist plugin <= 1.7.8 - Broken Access Control vulnerability |
| CVE-2023-52179 | 2024-06-11 | WordPress Product Expiry for WooCommerce plugin <= 2.5 - Broken Access Control vulnerability |
| CVE-2024-35685 | 2024-06-11 | WordPress Radcliffe 2 theme <= 2.0.17 - Broken Access Control vulnerability |
| CVE-2023-38533 | 2024-06-11 | A vulnerability has been identified in TIA Administrator (All versions... |
| CVE-2023-50763 | 2024-06-11 | A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)... |
| CVE-2024-33500 | 2024-06-11 | A vulnerability has been identified in Mendix Applications using Mendix... |
| CVE-2024-35206 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35207 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35208 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35209 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35210 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35211 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35212 | 2024-06-11 | A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0)... |
| CVE-2024-35292 | 2024-06-11 | A vulnerability has been identified in SIMATIC S7-200 SMART CPU... |
| CVE-2024-35303 | 2024-06-11 | A vulnerability has been identified in Tecnomatix Plant Simulation V2302... |
| CVE-2024-36266 | 2024-06-11 | A vulnerability has been identified in PowerSys (All versions <... |
| CVE-2024-5702 | 2024-06-11 | Memory corruption in the networking stack could have led to... |
| CVE-2024-5688 | 2024-06-11 | If a garbage collection was triggered at the right time,... |
| CVE-2024-5690 | 2024-06-11 | By monitoring the time certain operations take, an attacker could... |
| CVE-2024-5691 | 2024-06-11 | By tricking the browser with a `X-Frame-Options` header, a sandboxed... |
| CVE-2024-5692 | 2024-06-11 | On Windows 10, when using the 'Save As' functionality, an... |
| CVE-2024-5693 | 2024-06-11 | Offscreen Canvas did not properly track cross-origin tainting, which could... |
| CVE-2024-5696 | 2024-06-11 | By manipulating the text in an `<input>` tag, an attacker... |
| CVE-2024-5700 | 2024-06-11 | Memory safety bugs present in Firefox 126, Firefox ESR 115.11,... |
| CVE-2024-5687 | 2024-06-11 | If a specific sequence of actions is performed when opening... |
| CVE-2024-5689 | 2024-06-11 | In addition to detecting when a user was taking a... |
| CVE-2024-5694 | 2024-06-11 | An attacker could have caused a use-after-free in the JavaScript... |
| CVE-2024-5695 | 2024-06-11 | If an out-of-memory condition occurs at a specific point using... |
| CVE-2024-5697 | 2024-06-11 | A website was able to detect when a user took... |
| CVE-2024-5698 | 2024-06-11 | By manipulating the fullscreen feature while opening a data-list, an... |
| CVE-2024-5699 | 2024-06-11 | In violation of spec, cookie prefixes such as `__Secure` were... |
| CVE-2024-5701 | 2024-06-11 | Memory safety bugs present in Firefox 126. Some of these... |
| CVE-2024-2462 | 2024-06-11 | Allow attackers to intercept or falsify data exchanges between the... |
| CVE-2024-2461 | 2024-06-11 | If exploited an attacker could traverse the file system to... |
| CVE-2024-2013 | 2024-06-11 | An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /... |
| CVE-2024-2012 | 2024-06-11 | vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that... |
| CVE-2024-2011 | 2024-06-11 | A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that... |
| CVE-2024-28021 | 2024-06-11 | A vulnerability exists in the FOXMAN-UN/UNEM server that affects the... |
| CVE-2024-34442 | 2024-06-11 | WordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerability |
| CVE-2023-52183 | 2024-06-11 | WordPress WordPress Backup & Migration plugin <= 1.4.3 - Broken Access Control vulnerability |
| CVE-2024-35683 | 2024-06-11 | WordPress Leyka plugin <= 3.31.1 - Broken Access Control vulnerability |
| CVE-2024-35671 | 2024-06-11 | WordPress MJ Update History plugin <= 1.0.4 - Broken Access Control vulnerability |
| CVE-2024-5189 | 2024-06-11 | Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.23 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-28023 | 2024-06-11 | A vulnerability exists in the message queueing mechanism that if... |
| CVE-2024-37161 | 2024-06-11 | MeterSphere front-end editor stores XSS vulnerability |
| CVE-2024-35667 | 2024-06-11 | WordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Broken Access Control vulnerability |
| CVE-2024-35665 | 2024-06-11 | WordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerability |
| CVE-2024-35235 | 2024-06-11 | Cupsd Listen arbitrary chmod 0140777 |
| CVE-2023-52199 | 2024-06-11 | WordPress ActivityPub plugin <= 1.0.5 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-37294 | 2024-06-11 | Aimeos denial of service vulnerability in SaaS and marketplace setups |
| CVE-2024-35663 | 2024-06-11 | WordPress WP Translate plugin <= 5.3.0 - Broken Access Control vulnerability |
| CVE-2022-40225 | 2024-06-11 | A vulnerability has been identified in SIPLUS TIM 1531 IRC... |
| CVE-2024-35628 | 2024-06-11 | WordPress Photo Gallery by 10Web plugin <= 1.8.25 - Broken Access Control vulnerability |
| CVE-2024-31495 | 2024-06-11 | A improper neutralization of special elements used in an sql... |
| CVE-2024-23110 | 2024-06-11 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through... |
| CVE-2024-23111 | 2024-06-11 | An improper neutralization of input during web page Generation ('Cross-site... |
| CVE-2023-46720 | 2024-06-11 | A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through... |
| CVE-2023-23775 | 2024-06-11 | Multiple improper neutralization of special elements used in SQL commands... |
| CVE-2024-21754 | 2024-06-11 | A use of password hash with insufficient computational effort vulnerability... |
| CVE-2024-26010 | 2024-06-11 | A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0... |
| CVE-2023-51498 | 2024-06-11 | WordPress WooCommerce Canada Post Shipping plugin <= 2.8.3 - Broken Access Control vulnerability |
| CVE-2024-37295 | 2024-06-11 | Aimeos Core remote code execution in web server context |
| CVE-2024-35168 | 2024-06-11 | WordPress WP Discourse plugin <= 2.5.1 - Broken Access Control vulnerability |
| CVE-2024-37296 | 2024-06-11 | Aimeos HTML client vulnerable to digital products download without proper payment status check |
| CVE-2024-32148 | 2024-06-11 | WordPress Pardot plugin <= 2.1.0 - Broken Access Control vulnerability |
| CVE-2024-24703 | 2024-06-11 | WordPress MultiVendorX plugin <= 4.0.25 - Broken Access Control vulnerability |
| CVE-2024-34820 | 2024-06-11 | WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability |
| CVE-2024-34826 | 2024-06-11 | WordPress CF7 WOW Styler plugin <= 1.6.4 - Broken Access Control vulnerability |
| CVE-2024-34822 | 2024-06-11 | WordPress weMail plugin <= 1.14.2 - Broken Access Control vulnerability |
| CVE-2023-51682 | 2024-06-11 | WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability |
| CVE-2024-23521 | 2024-06-11 | WordPress Happyforms plugin <= 1.25.10 - Broken Access Control vulnerability |
| CVE-2024-5813 | 2024-06-11 | SSH Private Key Leak in BeyondInsight PasswordSafe |