CVE List - 2024 / July
Showing 2901 - 3000 of 3117 CVEs for July 2024 (Page 30 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-42111 | 2024-07-30 | btrfs: always do the basic checks for btrfs_qgroup_inherit structure |
| CVE-2024-42112 | 2024-07-30 | net: txgbe: free isb resources at the right time |
| CVE-2024-42113 | 2024-07-30 | net: txgbe: initialize num_q_vectors for MSI/INTx interrupts |
| CVE-2024-42114 | 2024-07-30 | wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values |
| CVE-2024-42115 | 2024-07-30 | jffs2: Fix potential illegal address access in jffs2_free_inode |
| CVE-2024-42117 | 2024-07-30 | drm/amd/display: ASSERT when failing to find index by plane/stream id |
| CVE-2024-42118 | 2024-07-30 | drm/amd/display: Do not return negative stream id for array |
| CVE-2024-42119 | 2024-07-30 | drm/amd/display: Skip finding free audio for unknown engine_id |
| CVE-2024-42120 | 2024-07-30 | drm/amd/display: Check pipe offset before setting vblank |
| CVE-2024-42121 | 2024-07-30 | drm/amd/display: Check index msg_id before read or write |
| CVE-2024-42122 | 2024-07-30 | drm/amd/display: Add NULL pointer check for kzalloc |
| CVE-2024-42123 | 2024-07-30 | drm/amdgpu: fix double free err_addr pointer warnings |
| CVE-2024-42124 | 2024-07-30 | scsi: qedf: Make qedf_execute_tmf() non-preemptible |
| CVE-2024-42125 | 2024-07-30 | wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband |
| CVE-2024-42126 | 2024-07-30 | powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. |
| CVE-2024-42127 | 2024-07-30 | drm/lima: fix shared irq handling on driver remove |
| CVE-2024-42128 | 2024-07-30 | leds: an30259a: Use devm_mutex_init() for mutex initialization |
| CVE-2024-42129 | 2024-07-30 | leds: mlxreg: Use devm_mutex_init() for mutex initialization |
| CVE-2024-42130 | 2024-07-30 | nfc/nci: Add the inconsistency check between the input data length and count |
| CVE-2024-42131 | 2024-07-30 | mm: avoid overflows in dirty throttling logic |
| CVE-2024-42132 | 2024-07-30 | bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX |
| CVE-2024-42133 | 2024-07-30 | Bluetooth: Ignore too large handle values in BIG |
| CVE-2024-42134 | 2024-07-30 | virtio-pci: Check if is_avq is NULL |
| CVE-2024-42135 | 2024-07-30 | vhost_task: Handle SIGKILL by flushing work and exiting |
| CVE-2024-42136 | 2024-07-30 | cdrom: rearrange last_media_change check to avoid unintentional overflow |
| CVE-2024-42137 | 2024-07-30 | Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot |
| CVE-2024-42138 | 2024-07-30 | mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file |
| CVE-2024-42139 | 2024-07-30 | ice: Fix improper extts handling |
| CVE-2024-42140 | 2024-07-30 | riscv: kexec: Avoid deadlock in kexec crash path |
| CVE-2024-42141 | 2024-07-30 | Bluetooth: ISO: Check socket flag instead of hcon |
| CVE-2024-42142 | 2024-07-30 | net/mlx5: E-switch, Create ingress ACL when needed |
| CVE-2024-42144 | 2024-07-30 | thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data |
| CVE-2024-42145 | 2024-07-30 | IB/core: Implement a limit on UMAD receive List |
| CVE-2024-42146 | 2024-07-30 | drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf |
| CVE-2024-42147 | 2024-07-30 | crypto: hisilicon/debugfs - Fix debugfs uninit process issue |
| CVE-2024-42148 | 2024-07-30 | bnx2x: Fix multiple UBSAN array-index-out-of-bounds |
| CVE-2024-42149 | 2024-07-30 | fs: don't misleadingly warn during thaw operations |
| CVE-2024-42150 | 2024-07-30 | net: txgbe: remove separate irq request for MSI and INTx |
| CVE-2024-42151 | 2024-07-30 | bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable |
| CVE-2024-42152 | 2024-07-30 | nvmet: fix a possible leak when destroy a ctrl during qp establishment |
| CVE-2024-42153 | 2024-07-30 | i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr |
| CVE-2024-42154 | 2024-07-30 | tcp_metrics: validate source addr length |
| CVE-2024-42155 | 2024-07-30 | s390/pkey: Wipe copies of protected- and secure-keys |
| CVE-2024-42156 | 2024-07-30 | s390/pkey: Wipe copies of clear-key structures on failure |
| CVE-2024-42157 | 2024-07-30 | s390/pkey: Wipe sensitive data on failure |
| CVE-2024-42158 | 2024-07-30 | s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings |
| CVE-2024-42159 | 2024-07-30 | scsi: mpi3mr: Sanitise num_phys |
| CVE-2024-42160 | 2024-07-30 | f2fs: check validation of fault attrs in f2fs_build_fault_attr() |
| CVE-2024-42161 | 2024-07-30 | bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD |
| CVE-2024-42162 | 2024-07-30 | gve: Account for stopped queues when reading NIC stats |
| CVE-2024-42223 | 2024-07-30 | media: dvb-frontends: tda10048: Fix integer overflow |
| CVE-2024-42224 | 2024-07-30 | net: dsa: mv88e6xxx: Correct check for empty list |
| CVE-2024-42225 | 2024-07-30 | wifi: mt76: replace skb_put with skb_put_zero |
| CVE-2024-42227 | 2024-07-30 | drm/amd/display: Fix overlapping copy within dml_core_mode_programming |
| CVE-2024-42228 | 2024-07-30 | drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc |
| CVE-2024-42229 | 2024-07-30 | crypto: aead,cipher - zeroize key buffer after use |
| CVE-2024-42230 | 2024-07-30 | powerpc/pseries: Fix scv instruction crash with kexec |
| CVE-2024-42231 | 2024-07-30 | btrfs: zoned: fix calc_available_free_space() for zoned mode |
| CVE-2024-7224 | 2024-07-30 | SourceCodester Lot Reservation Management System lot_details.php sql injection |
| CVE-2023-48396 | 2024-07-30 | Apache SeaTunnel Web: Authentication bypass |
| CVE-2024-41693 | 2024-07-30 | Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) |
| CVE-2024-7225 | 2024-07-30 | SourceCodester Insurance Management System Edit Insurance Policy Page update_policy cross site scripting |
| CVE-2024-40895 | 2024-07-30 | FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products... |
| CVE-2024-38429 | 2024-07-30 | Matrix - CWE-552: Files or Directories Accessible to External Parties |
| CVE-2024-41141 | 2024-07-30 | Stored cross-site scripting vulnerability exists in EC-CUBE Web API Plugin.... |
| CVE-2024-41924 | 2024-07-30 | Acceptance of extraneous untrusted data with trusted data vulnerability exists... |
| CVE-2024-38430 | 2024-07-30 | Matrix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-38431 | 2024-07-30 | Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy |
| CVE-2024-38432 | 2024-07-30 | Matrix – Tafnit v8 CWE-646: Reliance on File Name or Extension of Externally-Supplied File |
| CVE-2024-7226 | 2024-07-30 | SourceCodester Medicine Tracker System Password Change cross-site request forgery |
| CVE-2024-41694 | 2024-07-30 | Cybonet – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2024-41695 | 2024-07-30 | Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory |
| CVE-2024-41696 | 2024-07-30 | Priority PRI WEB Portal Add-On for Priority ERP on prem – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2024-41701 | 2024-07-30 | AccuPOS – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2024-41702 | 2024-07-30 | SiberianCMS – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| CVE-2024-7127 | 2024-07-30 | XSS in Stackposts - Social Marketing Tool |
| CVE-2024-6699 | 2024-07-30 | SQLi in Mikafon Electronic's Mikafon MA7 |
| CVE-2024-37165 | 2024-07-30 | Discourse has an XSS via Onebox system |
| CVE-2024-37299 | 2024-07-30 | Discourse vulnerable to DoS via Tag Group |
| CVE-2024-39320 | 2024-07-30 | Discourse allows iframe injection though default site setting |
| CVE-2024-4188 | 2024-07-30 | Security vulnerability exists in Documentum server cloud releases that could allow access to sensitive information which can impact system Operation. |
| CVE-2024-41109 | 2024-07-30 | Pimcore vulnerable to disclosure of system and database information behind /admin firewall |
| CVE-2024-41803 | 2024-07-30 | Xibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Filter |
| CVE-2024-41802 | 2024-07-30 | Xibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Data Import |
| CVE-2024-41804 | 2024-07-30 | Xibo allows Sensitive Information Disclosure abusing SQL Injection in Xibo CMS DataSet Column Formula |
| CVE-2024-7297 | 2024-07-30 | Langflow Privilege Escalation |
| CVE-2024-41944 | 2024-07-30 | Sensitive Information Disclosure abusing SQL Injection in Xibo CMS proof of play report |
| CVE-2023-26289 | 2024-07-30 | IBM Aspera Orchestrator HTTP header injection |
| CVE-2023-38001 | 2024-07-30 | IBM Aspera Orchestrator cross-site request forgery |
| CVE-2023-26288 | 2024-07-30 | IBM Aspera Orchestrator session fixation |
| CVE-2024-7209 | 2024-07-30 | CVE-2024-7209 |
| CVE-2024-7208 | 2024-07-30 | CVE-2024-7208 |
| CVE-2024-5486 | 2024-07-30 | Authenticated Sensitive Information Disclosure in ClearPass Policy Manager |
| CVE-2022-33167 | 2024-07-30 | IBM Security Directory Integrator information disclosure |
| CVE-2024-41915 | 2024-07-30 | Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface |
| CVE-2024-41916 | 2024-07-30 | Authenticated Sensitive Information Disclosure in ClearPass Policy Manager |
| CVE-2024-41943 | 2024-07-30 | I, Librarian Stored XSS vulnerability in Item Summary |
| CVE-2024-5249 | 2024-07-30 | SAML Replay in Akana |
| CVE-2024-5250 | 2024-07-30 | Overly Verbose Errors in SAML Integration |
| CVE-2024-3930 | 2024-07-30 | XML External Entity in Akana |