CVE List - 2024 / July
Showing 1201 - 1300 of 3117 CVEs for July 2024 (Page 13 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-40521 | 2024-07-12 | SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability... |
| CVE-2024-40522 | 2024-07-12 | There is a remote code execution vulnerability in SeaCMS 12.9.... |
| CVE-2024-40544 | 2024-07-12 | PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery... |
| CVE-2024-40547 | 2024-07-12 | PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content... |
| CVE-2024-40549 | 2024-07-12 | An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlace of... |
| CVE-2024-40552 | 2024-07-12 | PublicCMS v4.0.202302.e was discovered to contain a remote commande execution... |
| CVE-2024-6396 | 2024-07-12 | Arbitrary File Overwrite and Data Exfiltration in aimhubio/aim |
| CVE-2024-1375 | 2024-07-12 | Event post <= 5.9.5 - Cross-Site Request Forgery |
| CVE-2024-6677 | 2024-07-12 | Privilege escalation in uberAgent |
| CVE-2024-6555 | 2024-07-12 | WP Popups – WordPress Popup builder <= 2.2.0.1 - Unauthenticated Full Path Disclosure |
| CVE-2024-0974 | 2024-07-12 | Social Media Widget < 4.0.9 - Admin+ Stored XSS |
| CVE-2024-2430 | 2024-07-12 | Website Content in Page or Post < 2024.04.09 - Contributor+ Stored Cross-Site Scripting |
| CVE-2024-2640 | 2024-07-12 | Watu Quiz < 3.4.1.2 - Author+ Stored XSS |
| CVE-2024-2696 | 2024-07-12 | Swift Framework < 2024.04.30 - Admin+ Stored XSS via Settings |
| CVE-2024-3112 | 2024-07-12 | Quotes and Tips < 1.45 - Admin+ Arbitrary File Upload |
| CVE-2024-4753 | 2024-07-12 | WP Secure Maintenance < 1.7 - Admin+ Stored XSS |
| CVE-2024-5626 | 2024-07-12 | Inline Related Posts < 3.7.0 - Reflected XSS |
| CVE-2024-5811 | 2024-07-12 | Simple Video Directory < 1.4.4 - Contributor+ Stored XSS |
| CVE-2024-6022 | 2024-07-12 | ContentLock <= 1.0.3 - Settings Update via CSRF |
| CVE-2024-6023 | 2024-07-12 | ContentLock <= 1.0.3 - Email Adding via CSRF |
| CVE-2024-6024 | 2024-07-12 | ContentLock <= 1.0.3 - Groups/Emails Deletion via CSRF |
| CVE-2024-6588 | 2024-07-12 | PowerPress Podcasting plugin by Blubrry <= 11.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via media_url Parameter |
| CVE-2024-6625 | 2024-07-12 | WP Total Branding <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via title Parameter |
| CVE-2024-6353 | 2024-07-12 | Wallet for WooCommerce <= 1.5.4 - Authenticated (Subscriber+) SQL Injection via 'search[value]' |
| CVE-2024-6328 | 2024-07-12 | MStore API – Create Native Android & iOS Apps On The Cloud <= 4.14.7 - Authentication Bypass |
| CVE-2024-36522 | 2024-07-12 | Apache Wicket: Remote code execution via XSLT injection |
| CVE-2024-39494 | 2024-07-12 | ima: Fix use-after-free on a dentry's dname.name |
| CVE-2024-39495 | 2024-07-12 | greybus: Fix use-after-free bug in gb_interface_release due to race condition. |
| CVE-2024-39496 | 2024-07-12 | btrfs: zoned: fix use-after-free due to race with dev replace |
| CVE-2024-39497 | 2024-07-12 | drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) |
| CVE-2024-39498 | 2024-07-12 | drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 |
| CVE-2024-39499 | 2024-07-12 | vmci: prevent speculation leaks by sanitizing event in event_deliver() |
| CVE-2024-39500 | 2024-07-12 | sock_map: avoid race between sock_map_close and sk_psock_put |
| CVE-2024-39502 | 2024-07-12 | ionic: fix use after netif_napi_del() |
| CVE-2024-39503 | 2024-07-12 | netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type |
| CVE-2024-39504 | 2024-07-12 | netfilter: nft_inner: validate mandatory meta and payload |
| CVE-2024-39505 | 2024-07-12 | drm/komeda: check for error-valued pointer |
| CVE-2024-39506 | 2024-07-12 | liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet |
| CVE-2024-39507 | 2024-07-12 | net: hns3: fix kernel crash problem in concurrent scenario |
| CVE-2024-39508 | 2024-07-12 | io_uring/io-wq: Use set_bit() and test_bit() at worker->flags |
| CVE-2024-39509 | 2024-07-12 | HID: core: remove unnecessary WARN_ON() in implement() |
| CVE-2024-39510 | 2024-07-12 | cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() |
| CVE-2024-40899 | 2024-07-12 | cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() |
| CVE-2024-40900 | 2024-07-12 | cachefiles: remove requests from xarray during flushing requests |
| CVE-2024-40901 | 2024-07-12 | scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory |
| CVE-2024-40902 | 2024-07-12 | jfs: xattr: fix buffer overflow for invalid xattr |
| CVE-2024-40903 | 2024-07-12 | usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps |
| CVE-2024-40904 | 2024-07-12 | USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages |
| CVE-2024-40905 | 2024-07-12 | ipv6: fix possible race in __fib6_drop_pcpu_from() |
| CVE-2024-40906 | 2024-07-12 | net/mlx5: Always stop health timer during driver removal |
| CVE-2024-40907 | 2024-07-12 | ionic: fix kernel panic in XDP_TX action |
| CVE-2024-40908 | 2024-07-12 | bpf: Set run context for rawtp test_run callback |
| CVE-2024-40909 | 2024-07-12 | bpf: Fix a potential use-after-free in bpf_link_free() |
| CVE-2024-40910 | 2024-07-12 | ax25: Fix refcount imbalance on inbound connections |
| CVE-2024-40911 | 2024-07-12 | wifi: cfg80211: Lock wiphy in cfg80211_get_station |
| CVE-2024-40912 | 2024-07-12 | wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() |
| CVE-2024-40913 | 2024-07-12 | cachefiles: defer exposing anon_fd until after copy_to_user() succeeds |
| CVE-2024-40914 | 2024-07-12 | mm/huge_memory: don't unpoison huge_zero_folio |
| CVE-2024-40915 | 2024-07-12 | riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context |
| CVE-2024-40916 | 2024-07-12 | drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found |
| CVE-2024-40917 | 2024-07-12 | memblock: make memblock_set_node() also warn about use of MAX_NUMNODES |
| CVE-2024-40918 | 2024-07-12 | parisc: Try to fix random segmentation faults in package builds |
| CVE-2024-40919 | 2024-07-12 | bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() |
| CVE-2024-40920 | 2024-07-12 | net: bridge: mst: fix suspicious rcu usage in br_mst_set_state |
| CVE-2024-40921 | 2024-07-12 | net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state |
| CVE-2024-40922 | 2024-07-12 | io_uring/rsrc: don't lock while !TASK_RUNNING |
| CVE-2024-40923 | 2024-07-12 | vmxnet3: disable rx data ring on dma allocation failure |
| CVE-2024-40924 | 2024-07-12 | drm/i915/dpt: Make DPT object unshrinkable |
| CVE-2024-40925 | 2024-07-12 | block: fix request.queuelist usage in flush |
| CVE-2024-40926 | 2024-07-12 | drm/nouveau: don't attempt to schedule hpd_work on headless cards |
| CVE-2024-40927 | 2024-07-12 | xhci: Handle TD clearing for multiple streams case |
| CVE-2024-40928 | 2024-07-12 | net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() |
| CVE-2024-40929 | 2024-07-12 | wifi: iwlwifi: mvm: check n_ssids before accessing the ssids |
| CVE-2024-40930 | 2024-07-12 | wifi: cfg80211: validate HE operation element parsing |
| CVE-2024-40931 | 2024-07-12 | mptcp: ensure snd_una is properly initialized on connect |
| CVE-2024-40932 | 2024-07-12 | drm/exynos/vidi: fix memory leak in .get_modes() |
| CVE-2024-40933 | 2024-07-12 | iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe() |
| CVE-2024-40934 | 2024-07-12 | HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() |
| CVE-2024-40935 | 2024-07-12 | cachefiles: flush all requests after setting CACHEFILES_DEAD |
| CVE-2024-40936 | 2024-07-12 | cxl/region: Fix memregion leaks in devm_cxl_add_region() |
| CVE-2024-40937 | 2024-07-12 | gve: Clear napi->skb before dev_kfree_skb_any() |
| CVE-2024-40938 | 2024-07-12 | landlock: Fix d_parent walk |
| CVE-2024-40939 | 2024-07-12 | net: wwan: iosm: Fix tainted pointer delete is case of region creation fail |
| CVE-2024-40940 | 2024-07-12 | net/mlx5: Fix tainted pointer delete is case of flow rules creation fail |
| CVE-2024-40941 | 2024-07-12 | wifi: iwlwifi: mvm: don't read past the mfuart notifcation |
| CVE-2024-40942 | 2024-07-12 | wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects |
| CVE-2024-40943 | 2024-07-12 | ocfs2: fix races between hole punching and AIO+DIO |
| CVE-2024-40944 | 2024-07-12 | x86/kexec: Fix bug with call depth tracking |
| CVE-2024-40945 | 2024-07-12 | iommu: Return right value in iommu_sva_bind_device() |
| CVE-2024-40947 | 2024-07-12 | ima: Avoid blocking in RCU read-side critical section |
| CVE-2024-40948 | 2024-07-12 | mm/page_table_check: fix crash on ZONE_DEVICE |
| CVE-2024-40949 | 2024-07-12 | mm: shmem: fix getting incorrect lruvec when replacing a shmem folio |
| CVE-2024-40950 | 2024-07-12 | mm: huge_memory: fix misused mapping_large_folio_support() for anon folios |
| CVE-2024-40951 | 2024-07-12 | ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() |
| CVE-2024-40952 | 2024-07-12 | ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty() |
| CVE-2024-40953 | 2024-07-12 | KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() |
| CVE-2024-40954 | 2024-07-12 | net: do not leave a dangling sk pointer, when socket creation fails |
| CVE-2024-40955 | 2024-07-12 | ext4: fix slab-out-of-bounds in ext4_mb_find_good_group_avg_frag_lists() |
| CVE-2024-40956 | 2024-07-12 | dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list |
| CVE-2024-40957 | 2024-07-12 | seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors |