CVE List - 2024 / July
Showing 3001 - 3100 of 3117 CVEs for July 2024 (Page 31 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-33976 | 2024-07-30 | TensorFlow segfault in array_ops.upper_bound |
| CVE-2024-41945 | 2024-07-30 | The fuels-ts typescript SDK has no awareness of to-be-spent transactions |
| CVE-2024-5901 | 2024-07-30 | SiteOrigin Widgets Bundle <= 1.62.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Image Grid widget |
| CVE-2024-7273 | 2024-07-30 | itsourcecode Alton Management System search.php sql injection |
| CVE-2024-7274 | 2024-07-30 | itsourcecode Alton Management System reservation_status.php sql injection |
| CVE-2024-37281 | 2024-07-30 | Kibana Denial of Service issue |
| CVE-2024-7275 | 2024-07-30 | itsourcecode Alton Management System category_save.php sql injection |
| CVE-2024-7276 | 2024-07-30 | itsourcecode Alton Management System member_save.php sql injection |
| CVE-2024-7277 | 2024-07-30 | itsourcecode Alton Management System Add a Menu menu.php unrestricted upload |
| CVE-2023-28149 | 2024-07-31 | An issue was discovered in the IhisiServiceSmm module in Insyde... |
| CVE-2024-40464 | 2024-07-31 | An issue in beego v.2.2.0 and before allows a remote... |
| CVE-2024-40465 | 2024-07-31 | An issue in beego v.2.2.0 and before allows a remote... |
| CVE-2024-41253 | 2024-07-31 | goframe v2.7.2 is configured to skip TLS certificate verification, possibly... |
| CVE-2024-41254 | 2024-07-31 | An issue was discovered in litestream v0.3.13. The usage of... |
| CVE-2024-41255 | 2024-07-31 | filestash v0.4 is configured to skip TLS certificate verification when... |
| CVE-2024-41262 | 2024-07-31 | mmudb v1.9.3 was discovered to use the HTTP protocol in... |
| CVE-2024-41630 | 2024-07-31 | Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a... |
| CVE-2024-42381 | 2024-07-31 | os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load... |
| CVE-2024-41256 | 2024-07-31 | Default configurations in the ShareProofVerifier function of filestash v0.4 causes... |
| CVE-2024-41258 | 2024-07-31 | An issue was discovered in filestash v0.4. The usage of... |
| CVE-2024-7278 | 2024-07-31 | itsourcecode Alton Management System team_save.php sql injection |
| CVE-2024-6255 | 2024-07-31 | Path Traversal in gaizhenbiao/chuanhuchatgpt |
| CVE-2024-7279 | 2024-07-31 | SourceCodester Lot Reservation Management System sql injection |
| CVE-2024-7280 | 2024-07-31 | SourceCodester Lot Reservation Management System view_reserved.php sql injection |
| CVE-2024-7281 | 2024-07-31 | SourceCodester Lot Reservation Management System sql injection |
| CVE-2024-7282 | 2024-07-31 | SourceCodester Lot Reservation Management System manage_model.php sql injection |
| CVE-2024-7283 | 2024-07-31 | SourceCodester Lot Reservation Management System manage_user.php sql injection |
| CVE-2024-7284 | 2024-07-31 | SourceCodester Lot Reservation Management System cross site scripting |
| CVE-2024-39944 | 2024-07-31 | A vulnerability has been found in Dahua products.Attackers can send... |
| CVE-2024-39945 | 2024-07-31 | A vulnerability has been found in Dahua products. After obtaining... |
| CVE-2024-39946 | 2024-07-31 | A vulnerability has been found in Dahua products.After obtaining the... |
| CVE-2024-39947 | 2024-07-31 | A vulnerability has been found in Dahua products.After obtaining the... |
| CVE-2024-7285 | 2024-07-31 | SourceCodester Establishment Billing Management System cross site scripting |
| CVE-2024-39948 | 2024-07-31 | A vulnerability has been found in Dahua products. Attackers can... |
| CVE-2024-39949 | 2024-07-31 | A vulnerability has been found in Dahua products. Attackers can... |
| CVE-2024-39950 | 2024-07-31 | A vulnerability has been found in Dahua products. Attackers can... |
| CVE-2024-7286 | 2024-07-31 | SourceCodester Establishment Billing Management System Login sql injection |
| CVE-2024-7287 | 2024-07-31 | SourceCodester Establishment Billing Management System manage_user.php sql injection |
| CVE-2024-7288 | 2024-07-31 | SourceCodester Establishment Billing Management System sql injection |
| CVE-2024-6770 | 2024-07-31 | Lifetime free Drag & Drop Contact Form Builder for WordPress VForm <= 2.1.5 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2024-7289 | 2024-07-31 | SourceCodester Establishment Billing Management System manage_payment.php sql injection |
| CVE-2024-7205 | 2024-07-31 | sharing unnecessary device-sensitive information allows Secondary user able to take over devices as primary user |
| CVE-2024-6165 | 2024-07-31 | WANotifier < 2.6.1 - Admin+ Stored XSS |
| CVE-2024-6272 | 2024-07-31 | SpiderContacts <= 1.1.7 - Reflected XSS |
| CVE-2024-6408 | 2024-07-31 | Slider by 10Web < 1.2.57 - Editor+ Stored XSS |
| CVE-2024-6412 | 2024-07-31 | HTML Forms – Simple WordPress Forms Plugin < 1.3.34 - Bulk Delete via CSRF |
| CVE-2024-6695 | 2024-07-31 | profile-builder <= 3.11.8 - Unauthenticated Privilege Escalation |
| CVE-2024-7290 | 2024-07-31 | SourceCodester Establishment Billing Management System manage_tenant.php sql injection |
| CVE-2024-7299 | 2024-07-31 | Bolt CMS Entry Preview page cross site scripting |
| CVE-2024-6980 | 2024-07-31 | Verbose error handling issue in GravityZone Update Server proxy service |
| CVE-2024-7300 | 2024-07-31 | Bolt CMS Showcase Creation showcases cross site scripting |
| CVE-2024-7303 | 2024-07-31 | itsourcecode Online Blood Bank Management System Send Blood Request Page request.php cross site scripting |
| CVE-2023-28074 | 2024-07-31 | Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE... |
| CVE-2024-7306 | 2024-07-31 | SourceCodester Establishment Billing Management System manage_block.php sql injection |
| CVE-2024-7264 | 2024-07-31 | ASN.1 date parser overread |
| CVE-2024-37142 | 2024-07-31 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled... |
| CVE-2024-37127 | 2024-07-31 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled... |
| CVE-2024-2508 | 2024-07-31 | WP Mobile Menu <= 2.8.4.4 - Missing Authorization to _mobmenu_icon Post Meta Modification |
| CVE-2024-7307 | 2024-07-31 | SourceCodester Establishment Billing Management System manage_billing.php sql injection |
| CVE-2024-32857 | 2024-07-31 | Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled... |
| CVE-2024-37129 | 2024-07-31 | Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path... |
| CVE-2024-7308 | 2024-07-31 | SourceCodester Establishment Billing Management System view_bill.php sql injection |
| CVE-2024-7309 | 2024-07-31 | SourceCodester Record Management System entry.php cross site scripting |
| CVE-2024-7310 | 2024-07-31 | SourceCodester Record Management System sort_user.php cross site scripting |
| CVE-2024-7311 | 2024-07-31 | code-projects Online Bus Reservation Site register.php sql injection |
| CVE-2024-6725 | 2024-07-31 | Formidable Forms <= 6.11.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting |
| CVE-2024-7135 | 2024-07-31 | Tainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read |
| CVE-2024-7320 | 2024-07-31 | itsourcecode Online Blood Bank Management System Admin Login index.php sql injection |
| CVE-2024-7321 | 2024-07-31 | itsourcecode Online Blood Bank Management System User Registration signup.php cross site scripting |
| CVE-2024-6208 | 2024-07-31 | Download Manager <= 3.2.97 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-39379 | 2024-07-31 | Acrobat for Edge | Out-of-bounds Read (CWE-125) |
| CVE-2024-3082 | 2024-07-31 | A “CWE-256: Plaintext Storage of a Password” affecting the administrative... |
| CVE-2024-3083 | 2024-07-31 | A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by... |
| CVE-2024-31199 | 2024-07-31 | A “CWE-79: Improper Neutralization of Input During Web Page Generation... |
| CVE-2024-31200 | 2024-07-31 | A “CWE-201: Insertion of Sensitive Information Into Sent Data” affecting... |
| CVE-2024-31201 | 2024-07-31 | A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation... |
| CVE-2024-31202 | 2024-07-31 | A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the... |
| CVE-2024-31203 | 2024-07-31 | A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library... |
| CVE-2024-37135 | 2024-07-31 | DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker... |
| CVE-2024-7340 | 2024-07-31 | W&B Weave server remote arbitrary file leak and privilege escalation |
| CVE-2024-37898 | 2024-07-31 | XWiki Platform vulnerable to document deletion and overwrite from edit |
| CVE-2024-37900 | 2024-07-31 | XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader |
| CVE-2024-37901 | 2024-07-31 | XWiki Platform vulnerable to remote code execution from account via SearchSuggestConfigSheet |
| CVE-2024-41947 | 2024-07-31 | XWiki Platform XSS through conflict resolution |
| CVE-2024-39318 | 2024-07-31 | Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget |
| CVE-2024-39694 | 2024-07-31 | Duende IdentityServer Open Redirect vulnerability |
| CVE-2024-41950 | 2024-07-31 | Insecure Jinja2 templates rendered in Haystack Components can lead to RCE |
| CVE-2024-41952 | 2024-07-31 | Zitadel has an "Ignoring unknown usernames" vulnerability |
| CVE-2024-41953 | 2024-07-31 | Zitadel improperly sanitizes HTML in emails and Console UI |
| CVE-2024-6973 | 2024-07-31 | Remote Code Execution in Cato Windows SDP client via crafted URLs |
| CVE-2024-6974 | 2024-07-31 | Cato Networks Windows SDP Client Local Privilege Escalation via self-upgrade |
| CVE-2024-6975 | 2024-07-31 | Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file |
| CVE-2024-6977 | 2024-07-31 | Cato Networks Windows SDP Client Sensitive data in trace logs can lead to account takeover |
| CVE-2024-6978 | 2024-07-31 | Cato Networks Windows SDP Client Local root certificates can be installed by low-privileged users |
| CVE-2024-23444 | 2024-07-31 | Elasticsearch elasticsearch-certutil csr fails to encrypt private key |
| CVE-2024-7324 | 2024-07-31 | IObit iTop Data Recovery Pro BPL madbasic_.bpl uncontrolled search path |
| CVE-2024-40645 | 2024-07-31 | FOG Authenticated File Upload RCE |
| CVE-2024-41108 | 2024-07-31 | FOG Sensitive Information Disclosure |
| CVE-2024-41955 | 2024-07-31 | Mobile Security Framework (MobSF) has an Open Redirect in Login Redirect |
| CVE-2024-41954 | 2024-07-31 | FOG Weak file permissions |