CVE List - 2024 / July
Showing 701 - 800 of 3115 CVEs for July 2024 (Page 8 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-52237 | 2024-07-09 | A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200NC,... |
| CVE-2023-52238 | 2024-07-09 | A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P (All versions < V5.9.0). The web server of the affected systems leaks the MACSEC key in... |
| CVE-2023-52891 | 2024-07-09 | A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor... |
| CVE-2024-30321 | 2024-07-09 | A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime... |
| CVE-2024-32056 | 2024-07-09 | A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains an out of bounds write past the end of an allocated buffer while parsing... |
| CVE-2024-33653 | 2024-07-09 | A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing... |
| CVE-2024-33654 | 2024-07-09 | A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing... |
| CVE-2024-37996 | 2024-07-09 | A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions <... |
| CVE-2024-37997 | 2024-07-09 | A vulnerability has been identified in JT Open (All versions < V11.5), JT2Go (All versions < V2406.0003), PLM XML SDK (All versions < V7.1.0.014), Teamcenter Visualization V14.2 (All versions <... |
| CVE-2024-38278 | 2024-07-09 | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X... |
| CVE-2024-38867 | 2024-07-09 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5... |
| CVE-2024-39567 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server... |
| CVE-2024-39568 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server... |
| CVE-2024-39569 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server... |
| CVE-2024-39570 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when... |
| CVE-2024-39571 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when... |
| CVE-2024-39675 | 2024-07-09 | A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions < V4.3.10),... |
| CVE-2024-39865 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. As part of this backup,... |
| CVE-2024-39866 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to upload encrypted backup files. This could allow an attacker... |
| CVE-2024-39867 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web... |
| CVE-2024-39868 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web... |
| CVE-2024-39869 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow uploading certificates. An authenticated attacker could upload crafted certificates leading... |
| CVE-2024-39870 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local... |
| CVE-2024-39871 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit... |
| CVE-2024-39872 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly assign rights to temporary files created during its update... |
| CVE-2024-39873 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its... |
| CVE-2024-39874 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly implement brute force protection against user credentials in its... |
| CVE-2024-39875 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission... |
| CVE-2024-39876 | 2024-07-09 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker... |
| CVE-2024-39888 | 2024-07-09 | A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which... |
| CVE-2024-37513 | 2024-07-09 | WordPress WPCafe plugin <= 2.2.27 - Local File Inclusion vulnerability |
| CVE-2024-37520 | 2024-07-09 | WordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 2.1.12 - Local File Inclusion vulnerability |
| CVE-2024-37934 | 2024-07-09 | WordPress Ninja Forms plugin <= 3.8.4 - Subscriber+ Arbitrary Shortcode Execution vulnerability |
| CVE-2024-37952 | 2024-07-09 | WordPress BookYourTravel theme <= 8.18.17 - Subscriber+ Privilege Escalation vulnerability |
| CVE-2024-22271 | 2024-07-09 | Spring Cloud Function Web DOS Vulnerability |
| CVE-2024-6527 | 2024-07-09 | SQL Injection in MegaBIP |
| CVE-2024-2177 | 2024-07-09 | Improper Restriction of Rendered UI Layers or Frames in GitLab |
| CVE-2024-6598 | 2024-07-09 | Denial-of-service on KNIME Business Hub when certain jobs are executed |
| CVE-2023-39328 | 2024-07-09 | Openjpeg: denial of service via crafted image file |
| CVE-2024-38363 | 2024-07-09 | Remote Code Execution (RCE) via Server Side Template Injection (SSTI) in Airbyte |
| CVE-2024-39697 | 2024-07-09 | phonenumber panics on parsing crafted phonenumber inputs |
| CVE-2024-6600 | 2024-07-09 | Memory corruption in WebGL API |
| CVE-2024-6601 | 2024-07-09 | Race condition in permission assignment |
| CVE-2024-6602 | 2024-07-09 | Memory corruption in NSS |
| CVE-2024-6603 | 2024-07-09 | Memory corruption in thread creation |
| CVE-2024-6604 | 2024-07-09 | Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13 |
| CVE-2024-6605 | 2024-07-09 | Firefox Android missed activation delay to prevent tapjacking |
| CVE-2024-6606 | 2024-07-09 | Out-of-bounds read in clipboard component |
| CVE-2024-6607 | 2024-07-09 | Leaving pointerlock by pressing the escape key could be prevented |
| CVE-2024-6608 | 2024-07-09 | Cursor could be moved out of the viewport using pointerlock. |
| CVE-2024-6609 | 2024-07-09 | Memory corruption in NSS |
| CVE-2024-6610 | 2024-07-09 | Form validation popups could block exiting full-screen mode |
| CVE-2024-6611 | 2024-07-09 | Incorrect handling of SameSite cookies |
| CVE-2024-6612 | 2024-07-09 | CSP violation leakage when using devtools |
| CVE-2024-6613 | 2024-07-09 | Incorrect listing of stack frames |
| CVE-2024-6614 | 2024-07-09 | Incorrect listing of stack frames |
| CVE-2024-6615 | 2024-07-09 | Memory safety bugs fixed in Firefox 128 and Thunderbird 128 |
| CVE-2024-33509 | 2024-07-09 | An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a... |
| CVE-2024-27783 | 2024-07-09 | Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the... |
| CVE-2024-27785 | 2024-07-09 | An improper neutralization of formula elements in a CSV File vulnerability [CWE-1236] in FortiAIOps version 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation... |
| CVE-2023-50179 | 2024-07-09 | An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack... |
| CVE-2024-27784 | 2024-07-09 | Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in FortiAIOps version 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or... |
| CVE-2024-26015 | 2024-07-09 | An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below,... |
| CVE-2024-27782 | 2024-07-09 | Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests. |
| CVE-2024-21759 | 2024-07-09 | An authorization bypass through user-controlled key in Fortinet FortiPortal version 7.2.0, and versions 7.0.0 through 7.0.6 allows attacker to view unauthorized resources via HTTP or HTTPS requests. |
| CVE-2024-23663 | 2024-07-09 | An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users... |
| CVE-2023-50181 | 2024-07-09 | An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7.4.1 and before 7.2.4 allows a read only authenticated attacker to perform some write actions via crafted HTTP... |
| CVE-2023-50178 | 2024-07-09 | An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow... |
| CVE-2023-40702 | 2024-07-09 | PingOne MFA Integration Kit MFA bypass |
| CVE-2023-40356 | 2024-07-09 | PingOne MFA Integration Kit MFA bypass |
| CVE-2024-21731 | 2024-07-09 | [20240703] - Core - XSS in StringHelper::truncate method |
| CVE-2024-26278 | 2024-07-09 | [20240705] - Core - XSS in com_fields default field value |
| CVE-2024-26279 | 2024-07-09 | [20240704] - Core - XSS in Wrapper extensions |
| CVE-2024-21730 | 2024-07-09 | [20240702] - Core - Self-XSS in fancyselect list field layout |
| CVE-2024-21729 | 2024-07-09 | [20240701] - Core - XSS in accessible media selection field |
| CVE-2024-6237 | 2024-07-09 | 389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request |
| CVE-2024-30061 | 2024-07-09 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| CVE-2024-28899 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-30081 | 2024-07-09 | Windows NTLM Spoofing Vulnerability |
| CVE-2024-30098 | 2024-07-09 | Windows Cryptographic Services Security Feature Bypass Vulnerability |
| CVE-2024-35264 | 2024-07-09 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2024-35270 | 2024-07-09 | Windows iSCSI Service Denial of Service Vulnerability |
| CVE-2024-38088 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-38087 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21332 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21333 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21335 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21373 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21398 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21414 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21415 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-21428 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-37318 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-37332 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-37331 | 2024-07-09 | SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability |
| CVE-2024-37969 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37970 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37974 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37981 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2024-37986 | 2024-07-09 | Secure Boot Security Feature Bypass Vulnerability |