CVE List - 2024 / June

Showing 2901 - 3000 of 3082 CVEs for June 2024 (Page 30 of 31)

Back to List Previous Next

CVE ID	Date	Title
CVE-2024-6367	2024-06-27	LabVantage LIMS POST Request cross site scripting
CVE-2024-6368	2024-06-27	LabVantage LIMS POST Request cross site scripting
CVE-2024-6369	2024-06-27	LabVantage LIMS POST Request cross site scripting
CVE-2024-6370	2024-06-27	LabVantage LIMS POST Request cross site scripting
CVE-2024-6371	2024-06-27	itsourcecode Pool of Bethesda Online Reservation System controller.php sql injection
CVE-2024-6372	2024-06-27	itsourcecode Tailoring Management System customeradd.php sql injection
CVE-2024-6373	2024-06-27	itsourcecode Online Food Ordering System addproduct.php unrestricted upload
CVE-2024-1107	2024-06-27	IDOR in Talya Informatics' Travel APPS
CVE-2024-1153	2024-06-27	Improper Access Control in Talya Informatics' Travel APPS
CVE-2024-6374	2024-06-27	lahirudanushka School Management System Subject Page subject.php cross site scripting
CVE-2024-6388	2024-06-27	Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before...
CVE-2024-31883	2024-06-27	IBM Security Verify Access denial of service
CVE-2023-30430	2024-06-27	IBM Security Verify Access information disclosure
CVE-2024-39373	2024-06-27	Improper Neutralization of Special Elements used in a Command in TELSAT marKoni FM Transmitter
CVE-2024-39374	2024-06-27	Use of Hard-coded Credentials in TELSAT marKoni FM Transmitter
CVE-2024-39375	2024-06-27	Use of Client-Side Authentication in TELSAT marKoni FM Transmitter
CVE-2024-39376	2024-06-27	Improper Access Control In TELSAT MarKoni FM Transmitter
CVE-2024-35153	2024-06-27	IBM WebSphere Application Server cross-site scripting
CVE-2024-35260	2024-06-27	Microsoft Dataverse Remote Code Execution Vulnerability
CVE-2024-5334	2024-06-27	Local File Read in stitionai/devika
CVE-2024-5547	2024-06-27	Directory Traversal in stitionai/devika
CVE-2024-5548	2024-06-27	Directory Traversal in stitionai/devika
CVE-2024-24792	2024-06-27	Panic when parsing invalid palette-color images in golang.org/x/image
CVE-2023-42011	2024-06-27	IBM Sterling B2B Integrator Standard Edition tapjacking
CVE-2024-31916	2024-06-27	IBM OpenBMC information disclosure
CVE-2023-42014	2024-06-27	IBM Sterling B2B Integrator Standard Edition cross-site scripting
CVE-2023-38371	2024-06-27	IBM Security Access Manager Docker information disclosure
CVE-2024-3043	2024-06-27	Zigbee co-ordinator realignment packet may lead to denial of service
CVE-2023-30998	2024-06-27	IBM Security Access Manager Docker privilege escalation
CVE-2023-30997	2024-06-27	IBM Security Access Manager Docker privilege escalation
CVE-2023-38368	2024-06-27	IBM Security Access Manager Docker information disclosure
CVE-2023-38370	2024-06-27	IBM Security Access Manager Docker information disclosure
CVE-2024-4578	2024-06-27	Privilege escalation in Arista Wireless Access Points
CVE-2024-3017	2024-06-27	Denial of service in multi-protocol gateway - Zigbee + Thread
CVE-2024-3330	2024-06-27	Spotfire Remote Code Execution Vulnerability
CVE-2024-5979	2024-06-27	Denial of Service via Invalid Argument in h2oai/h2o-3
CVE-2024-5826	2024-06-27	Remote Code Execution via Prompt Injection in vanna-ai/vanna
CVE-2024-5751	2024-06-27	Remote Code Execution in BerriAI/litellm
CVE-2024-6090	2024-06-27	Path Traversal Vulnerability in gaizhenbiao/chuanhuchatgpt
CVE-2024-5820	2024-06-27	Unprotected WebSocket in stitionai/devika
CVE-2024-5710	2024-06-27	Improper Access Control in Team Management in berriai/litellm
CVE-2024-6250	2024-06-27	Absolute Path Traversal in parisneo/lollms-webui
CVE-2024-6038	2024-06-27	ReDoS Vulnerability in gaizhenbiao/chuanhuchatgpt
CVE-2024-5714	2024-06-27	Improper Access Control in lunary-ai/lunary
CVE-2024-5822	2024-06-27	Server-Side Request Forgery (SSRF) in gaizhenbiao/ChuanhuChatGPT
CVE-2024-6085	2024-06-27	Path Traversal in parisneo/lollms
CVE-2024-5885	2024-06-27	Server-Side Request Forgery (SSRF) in stangirard/quivr
CVE-2024-5824	2024-06-27	Path Traversal in parisneo/lollms
CVE-2024-5936	2024-06-27	Open Redirect in imartinez/privategpt
CVE-2024-5755	2024-06-27	Email Validation Bypass in lunary-ai/lunary
CVE-2024-5935	2024-06-27	CSRF Vulnerability in imartinez/privategpt
CVE-2024-6139	2024-06-27	Path Traversal in parisneo/lollms
CVE-2024-6086	2024-06-27	Improper Access Control in lunary-ai/lunary
CVE-2024-5933	2024-06-27	Cross-site Scripting (XSS) in parisneo/lollms-webui
CVE-2024-5980	2024-06-27	Arbitrary File Write via /v1/runs API endpoint in lightning-ai/pytorch-lightning
CVE-2024-3331	2024-06-27	Spotfire: NTLM token leakage
CVE-2024-2882	2024-06-27	Missing Authorization in SDG Technologies PnPSCADA
CVE-2024-38523	2024-06-27	Hush Line OTP issue
CVE-2024-6127	2024-06-27	BC Security Empire Path Traversal RCE
CVE-2024-2973	2024-06-27	Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed
CVE-2024-22260	2024-06-27	VMware Workspace One UEM update addresses an information exposure vulnerability....
CVE-2024-22272	2024-06-27	VMware Cloud Director contains an Improper Privilege Management vulnerability. An...
CVE-2024-22276	2024-06-27	VMware Cloud Director Object Storage Extension contains an Insertion of...
CVE-2024-5642	2024-06-27	Buffer overread when using an empty list with SSLContext.set_npn_protocols()
CVE-2024-4395	2024-06-27	Lack of Client Validation in Jamf Compliance Editor's Helper Service May Result in Privilege Escalation
CVE-2024-6071	2024-06-27	PTC Creo Elements/Direct License Server Missing Authorization
CVE-2024-27628	2024-06-28	Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to...
CVE-2024-27629	2024-06-28	An issue in dc2niix before v.1.0.20240202 allows a local attacker...
CVE-2024-37741	2024-06-28	OpenPLC 3 through 9cd8f1b allows XSS via an SVG document...
CVE-2024-39828	2024-06-28	R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message...
CVE-2019-25211	2024-06-28	parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard...
CVE-2024-37370	2024-06-28	In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker...
CVE-2024-37371	2024-06-28	In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker...
CVE-2024-39704	2024-06-28	Soft Circle French-Bread Melty Blood: Actress Again: Current Code through...
CVE-2024-37137	2024-06-28	Dell Key Trust Platform, v3.0.6 and prior, contains Use of...
CVE-2024-5863	2024-06-28	Easy Image Collage <= 1.13.5 - Missing Authorization to Authenticated (Contributor+) Data Clearance
CVE-2024-5864	2024-06-28	Easy Affiliate Links <= 3.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Reset
CVE-2024-6296	2024-06-28	Stackable – Page Builder Gutenberg Blocks <= 3.13.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
CVE-2024-37282	2024-06-28	It was identified that under certain specific preconditions, an API...
CVE-2024-30109	2024-06-28	Lack of Clickjacking Protection vulnerability affects DRYiCE AEX v10
CVE-2024-5570	2024-06-28	Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update
CVE-2024-5727	2024-06-28	Widget4Call <= 1.0.7 - Reflected XSS
CVE-2024-5728	2024-06-28	Animated AL List <= 1.0.6 - Reflected XSS
CVE-2024-5729	2024-06-28	Simple AL Slider <= 1.2.10 - Reflected XSS
CVE-2024-5730	2024-06-28	Pagerank Tools <= 1.1.5 - Reflected XSS
CVE-2023-47802	2024-06-28	A vulnerability regarding improper neutralization of special elements used in...
CVE-2023-47803	2024-06-28	A vulnerability regarding improper limitation of a pathname to a...
CVE-2024-39349	2024-06-28	A vulnerability regarding buffer copy without checking size of input...
CVE-2024-39351	2024-06-28	A vulnerability regarding improper neutralization of special elements used in...
CVE-2024-39352	2024-06-28	A vulnerability regarding incorrect authorization is found in the firmware...
CVE-2024-30110	2024-06-28	Lack of input validation vulnerability affects DRYiCE AEX v10
CVE-2024-39347	2024-06-28	Incorrect default permissions vulnerability in firewall functionality in Synology Router...
CVE-2024-39348	2024-06-28	Download of code without integrity check vulnerability in AirPrint functionality...
CVE-2024-30111	2024-06-28	Missing Root Detection vulnerability affects DRYiCE AEX v10
CVE-2024-39350	2024-06-28	A vulnerability regarding authentication bypass by spoofing is found in...
CVE-2024-5788	2024-06-28	Silesia <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Shortcode
CVE-2024-5796	2024-06-28	Infinite <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via project_url Parameter
CVE-2024-2795	2024-06-28	SEO SIMPLE PACK <= 3.2.1 - Information Exposure
CVE-2024-6288	2024-06-28	Conversios.io - All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce <= 7.1.0 - Reflected Cross-Site Scripting
CVE-2024-30135	2024-06-28	Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10