CVE List - 2024 / August
Showing 1201 - 1300 of 2898 CVEs for August 2024 (Page 13 of 29)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-39409 | 2024-08-14 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) |
| CVE-2024-39397 | 2024-08-14 | Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) |
| CVE-2024-39401 | 2024-08-14 | Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) |
| CVE-2024-39398 | 2024-08-14 | OTP 2FA can be bruteforced |
| CVE-2024-39407 | 2024-08-14 | Adobe Commerce | Improper Authorization (CWE-285) |
| CVE-2024-39410 | 2024-08-14 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) |
| CVE-2024-39417 | 2024-08-14 | An unauthorized user can export the Shipping Report |
| CVE-2024-39408 | 2024-08-14 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) |
| CVE-2024-39399 | 2024-08-14 | [Paris] Path Traversal lead to local file read |
| CVE-2024-39413 | 2024-08-14 | An unauthorized user can export the Invoiced Sales Report |
| CVE-2024-39418 | 2024-08-14 | Adobe Commerce | Improper Authorization (CWE-285) |
| CVE-2024-39403 | 2024-08-14 | Stored XSS through Webhook module public key configuration |
| CVE-2024-39419 | 2024-08-14 | A user without ship permissions can ship the orders |
| CVE-2024-26022 | 2024-08-14 | Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-27461 | 2024-08-14 | Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-28050 | 2024-08-14 | Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-28887 | 2024-08-14 | Uncontrolled search path in some Intel(R) IPP software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23489 | 2024-08-14 | Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-22184 | 2024-08-14 | Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-24977 | 2024-08-14 | Uncontrolled search path for some Intel(R) License Manager for FLEXlm product software before version 11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-28953 | 2024-08-14 | Uncontrolled search path in some EMON software before version 11.44 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-29015 | 2024-08-14 | Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-28947 | 2024-08-14 | Improper input validation in kernel mode driver for some Intel(R) Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via... |
| CVE-2024-25939 | 2024-08-14 | Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2024-28172 | 2024-08-14 | Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-26027 | 2024-08-14 | Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-28876 | 2024-08-14 | Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-21784 | 2024-08-14 | Uncontrolled search path for some Intel(R) IPP Cryptography software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23907 | 2024-08-14 | Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-43489 | 2024-08-14 | Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-26025 | 2024-08-14 | Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23908 | 2024-08-14 | Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-22376 | 2024-08-14 | Uncontrolled search path element in some installation software for Intel(R) Ethernet Adapter Driver Pack before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2024-28046 | 2024-08-14 | Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23909 | 2024-08-14 | Uncontrolled search path in some Intel(R) FPGA SDK for OpenCL(TM) software technology may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-43747 | 2024-08-14 | Incorrect default permissions for some Intel(R) Connectivity Performance Suite software installers before version 2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-24980 | 2024-08-14 | Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2024-22378 | 2024-08-14 | Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software installers before version 1.1.352.157 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-24580 | 2024-08-14 | Improper conditions check in some Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2024-25561 | 2024-08-14 | Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23974 | 2024-08-14 | Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-25576 | 2024-08-14 | improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of privilege via local access. |
| CVE-2024-24853 | 2024-08-14 | Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local... |
| CVE-2023-35123 | 2024-08-14 | Uncaught exception in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.14-0, bhs-0.27 may allow an authenticated user to potentially enable denial of service via network access. |
| CVE-2023-49144 | 2024-08-14 | Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2024-25562 | 2024-08-14 | Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-23491 | 2024-08-14 | Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-24973 | 2024-08-14 | Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-23495 | 2024-08-14 | Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-22374 | 2024-08-14 | Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-21766 | 2024-08-14 | Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-21801 | 2024-08-14 | Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2024-21857 | 2024-08-14 | Uncontrolled search path for some Intel(R) oneAPI Compiler software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-49141 | 2024-08-14 | Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-42667 | 2024-08-14 | Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-34163 | 2024-08-14 | Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access. |
| CVE-2024-39283 | 2024-08-14 | Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-40067 | 2024-08-14 | Unchecked return value in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable escalation of privilege via physical access. |
| CVE-2023-48361 | 2024-08-14 | Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2024-21844 | 2024-08-14 | Integer overflow in firmware for some Intel(R) CSME may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| CVE-2023-34424 | 2024-08-14 | Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2023-38655 | 2024-08-14 | Improper buffer restrictions in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable denial of service via network access. |
| CVE-2024-21810 | 2024-08-14 | Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of... |
| CVE-2024-24983 | 2024-08-14 | Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via... |
| CVE-2024-23497 | 2024-08-14 | Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2024-21769 | 2024-08-14 | Uncontrolled search path in some Intel(R) Ethernet Connection I219-LM install software may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-23981 | 2024-08-14 | Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2024-24986 | 2024-08-14 | Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2024-23499 | 2024-08-14 | Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an unauthenticated user to potentially enable denial... |
| CVE-2024-21807 | 2024-08-14 | Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2024-21806 | 2024-08-14 | Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an authenticated user to potentially enable denial... |
| CVE-2024-21787 | 2024-08-14 | Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2024-7790 | 2024-08-14 | DevikaAI Stored Cross-Site Scripting |
| CVE-2024-41723 | 2024-08-14 | BIG-IP iControl REST vulnerability |
| CVE-2024-39778 | 2024-08-14 | BIG-IP HSB vulnerability |
| CVE-2024-41164 | 2024-08-14 | BIG-IP MPTCP vulnerability |
| CVE-2024-41727 | 2024-08-14 | BIG-IP TMM vulnerability |
| CVE-2024-41719 | 2024-08-14 | BIG-IP Next Central Manager vulnerability |
| CVE-2024-39809 | 2024-08-14 | BIG-IP Next Central Manager vulnerability |
| CVE-2024-37028 | 2024-08-14 | BIG-IP Next Central Manager vulnerability |
| CVE-2024-39792 | 2024-08-14 | NGINX Plus MQTT vulnerability |
| CVE-2024-7347 | 2024-08-14 | NGINX MP4 module vulnerability |
| CVE-2024-42259 | 2024-08-14 | drm/i915/gem: Fix Virtual Memory mapping boundaries calculation |
| CVE-2024-20790 | 2024-08-14 | Adobe Dimension Memory Corruption Out-of-Bounds-READ Vulnerability I, when parsing FBX file |
| CVE-2024-34124 | 2024-08-14 | ZDI-CAN-24031: Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-20789 | 2024-08-14 | ZDI-CAN-24030: Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-34126 | 2024-08-14 | ZDI-CAN-24028: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-41865 | 2024-08-14 | Adobe Dimension Untrusted Search Path lead to load malicious DLL swift.dll |
| CVE-2024-34125 | 2024-08-14 | ZDI-CAN-24027: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-34135 | 2024-08-14 | Adobe Illustrator CC 2023 v27.9 Vulnerability II |
| CVE-2024-34137 | 2024-08-14 | Adobe Illustrator 2024 CGM File Parsing Null Pointer Dereference |
| CVE-2024-34138 | 2024-08-14 | Adobe Illustrator CGM File Parsing Division By zero |
| CVE-2024-34133 | 2024-08-14 | Adobe Illustrator CC 2023 v27.9 Vulnerability I |
| CVE-2024-41856 | 2024-08-14 | Illustrator | Improper Input Validation (CWE-20) |
| CVE-2024-34118 | 2024-08-14 | Adobe illustrator 2024 TIF File parsing Division by zero denial of service |
| CVE-2024-34136 | 2024-08-14 | Adobe Illustrator PSD File Parsing Null Pointer dereference |
| CVE-2024-34134 | 2024-08-14 | Illustrator | Out-of-bounds Read (CWE-125) |
| CVE-2024-34117 | 2024-08-14 | Adobe Photoshop 2024 MPO File Parsing Use-After-Free vulnerability |
| CVE-2024-39386 | 2024-08-14 | ZDI-CAN-24057: Adobe Bridge AVI FIle Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2024-41840 | 2024-08-14 | ZDI-CAN-24607: Adobe Bridge JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |