CVE List - 2024 / August
Showing 2001 - 2100 of 2898 CVEs for August 2024 (Page 21 of 29)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-38305 | 2024-08-21 | Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains... |
| CVE-2024-7854 | 2024-08-21 | Woo Inquiry <= 0.1 - Unauthenticated SQL Injection |
| CVE-2024-5880 | 2024-08-21 | Hide My Site <= 2.2 - Unauthenticated Information Exposure |
| CVE-2024-7134 | 2024-08-21 | LiquidPoll <= 3.3.78 - Unauthenticated Stored Cross-Site Scripting via form_data Parameter |
| CVE-2024-6767 | 2024-08-21 | WordSurvey <= 3.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via sounding_title Parameter |
| CVE-2024-7390 | 2024-08-21 | WP Testimonial Widget <= 3.0 - Missing Authorization |
| CVE-2024-6883 | 2024-08-21 | Event Espresso 4 Decaf – Event Registration Event Ticketing <= 5.0.22.decaf - Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings Modification |
| CVE-2024-7030 | 2024-08-21 | Smart Online Order for Clover <= 1.5.6 - Missing Authorization to Authenticated (Subscriber+) Plugin Data Update |
| CVE-2024-7032 | 2024-08-21 | Smart Online Order for Clover <= 1.5.6 - Missing Authorization to Plugin Deactivation and Data Deletion |
| CVE-2024-7647 | 2024-08-21 | OTA Sync Booking Engine Widget 1.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting |
| CVE-2024-7090 | 2024-08-21 | LH Add Media From Url <= 1.23 - Reflected Cross-Site Scripting |
| CVE-2024-7651 | 2024-08-21 | App Builder – Create Native Android & iOS Apps On The Flight <= 4.2.6 - Unauthenticated Limited SQL Injection via app-builder-search |
| CVE-2024-7629 | 2024-08-21 | Responsive Video <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-6568 | 2024-08-21 | Flamix: Bitrix24 and Contact Form 7 integrations <= 3.1.0 - Unauthenticated Full Path Disclosure |
| CVE-2024-7998 | 2024-08-21 | In affected versions of Octopus Server OIDC cookies were using... |
| CVE-2024-6508 | 2024-08-21 | Openshift-console: oauth2 insufficient state parameter entropy |
| CVE-2024-7013 | 2024-08-21 | Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and... |
| CVE-2022-48867 | 2024-08-21 | dmaengine: idxd: Prevent use after free on completion memory |
| CVE-2022-48868 | 2024-08-21 | dmaengine: idxd: Let probe fail when workqueue cannot be enabled |
| CVE-2022-48869 | 2024-08-21 | USB: gadgetfs: Fix race between mounting and unmounting |
| CVE-2022-48870 | 2024-08-21 | tty: fix possible null-ptr-defer in spk_ttyio_release |
| CVE-2022-48871 | 2024-08-21 | tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer |
| CVE-2022-48872 | 2024-08-21 | misc: fastrpc: Fix use-after-free race condition for maps |
| CVE-2022-48873 | 2024-08-21 | misc: fastrpc: Don't remove map on creater_process and device_release |
| CVE-2022-48874 | 2024-08-21 | misc: fastrpc: Fix use-after-free and race in fastrpc_map_find |
| CVE-2022-48875 | 2024-08-21 | wifi: mac80211: sdata can be NULL during AMPDU start |
| CVE-2022-48876 | 2024-08-21 | wifi: mac80211: fix initialization of rx->link and rx->link_sta |
| CVE-2022-48877 | 2024-08-21 | f2fs: let's avoid panic if extent_tree is not created |
| CVE-2022-48878 | 2024-08-21 | Bluetooth: hci_qca: Fix driver shutdown on closed serdev |
| CVE-2022-48879 | 2024-08-21 | efi: fix NULL-deref in init error path |
| CVE-2022-48880 | 2024-08-21 | platform/surface: aggregator: Add missing call to ssam_request_sync_free() |
| CVE-2022-48881 | 2024-08-21 | platform/x86/amd: Fix refcount leak in amd_pmc_probe |
| CVE-2022-48882 | 2024-08-21 | net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY) |
| CVE-2022-48883 | 2024-08-21 | net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent |
| CVE-2022-48884 | 2024-08-21 | net/mlx5: Fix command stats access after free |
| CVE-2022-48885 | 2024-08-21 | ice: Fix potential memory leak in ice_gnss_tty_write() |
| CVE-2022-48886 | 2024-08-21 | ice: Add check for kzalloc |
| CVE-2022-48887 | 2024-08-21 | drm/vmwgfx: Remove rcu locks from user resources |
| CVE-2022-48888 | 2024-08-21 | drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path |
| CVE-2022-48889 | 2024-08-21 | ASoC: Intel: sof-nau8825: fix module alias overflow |
| CVE-2022-48890 | 2024-08-21 | scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM |
| CVE-2022-48891 | 2024-08-21 | regulator: da9211: Use irq handler when ready |
| CVE-2022-48892 | 2024-08-21 | sched/core: Fix use-after-free bug in dup_user_cpus_ptr() |
| CVE-2022-48893 | 2024-08-21 | drm/i915/gt: Cleanup partial engine discovery failures |
| CVE-2022-48894 | 2024-08-21 | iommu/arm-smmu-v3: Don't unregister on shutdown |
| CVE-2022-48895 | 2024-08-21 | iommu/arm-smmu: Don't unregister on shutdown |
| CVE-2022-48896 | 2024-08-21 | ixgbe: fix pci device refcount leak |
| CVE-2022-48897 | 2024-08-21 | arm64/mm: fix incorrect file_map_count for invalid pmd |
| CVE-2022-48898 | 2024-08-21 | drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer |
| CVE-2022-48899 | 2024-08-21 | drm/virtio: Fix GEM handle creation UAF |
| CVE-2023-52893 | 2024-08-21 | gsmi: fix null-deref in gsmi_get_variable |
| CVE-2023-52894 | 2024-08-21 | usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() |
| CVE-2023-52895 | 2024-08-21 | io_uring/poll: don't reissue in case of poll race on multishot request |
| CVE-2023-52896 | 2024-08-21 | btrfs: fix race between quota rescan and disable leading to NULL pointer deref |
| CVE-2023-52897 | 2024-08-21 | btrfs: qgroup: do not warn on record without old_roots populated |
| CVE-2023-52898 | 2024-08-21 | xhci: Fix null pointer dereference when host dies |
| CVE-2023-52899 | 2024-08-21 | Add exception protection processing for vd in axi_chan_handle_err function |
| CVE-2023-52900 | 2024-08-21 | nilfs2: fix general protection fault in nilfs_btree_insert() |
| CVE-2023-52901 | 2024-08-21 | usb: xhci: Check endpoint is valid before dereferencing it |
| CVE-2023-52902 | 2024-08-21 | nommu: fix memory leak in do_mmap() error path |
| CVE-2023-52903 | 2024-08-21 | io_uring: lock overflowing for IOPOLL |
| CVE-2023-52904 | 2024-08-21 | ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate() |
| CVE-2023-52905 | 2024-08-21 | octeontx2-pf: Fix resource leakage in VF driver unbind |
| CVE-2023-52906 | 2024-08-21 | net/sched: act_mpls: Fix warning during failed attribute validation |
| CVE-2023-52907 | 2024-08-21 | nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() |
| CVE-2023-52908 | 2024-08-21 | drm/amdgpu: Fix potential NULL dereference |
| CVE-2023-52909 | 2024-08-21 | nfsd: fix handling of cached open files in nfsd4_open codepath |
| CVE-2023-52910 | 2024-08-21 | iommu/iova: Fix alloc iova overflows issue |
| CVE-2023-52911 | 2024-08-21 | drm/msm: another fix for the headless Adreno GPU |
| CVE-2023-52912 | 2024-08-21 | drm/amdgpu: Fixed bug on error when unloading amdgpu |
| CVE-2023-52913 | 2024-08-21 | drm/i915: Fix potential context UAFs |
| CVE-2023-52914 | 2024-08-21 | io_uring/poll: add hash if ready poll request can't complete inline |
| CVE-2024-6339 | 2024-08-21 | Phlox PRO <= 5.16.4 - Reflected Cross-Site Scripting via Search Parameters |
| CVE-2024-5335 | 2024-08-21 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 1.6.4 - Unauthenticated PHP Object Injection |
| CVE-2023-49198 | 2024-08-21 | Apache SeaTunnel Web: Arbitrary file read vulnerability |
| CVE-2023-22576 | 2024-08-21 | Dell Repository Manager version 3.4.2 and earlier, contain a Local... |
| CVE-2024-37008 | 2024-08-21 | Stack-based Overflow Vulnerability in Revit Software |
| CVE-2020-11850 | 2024-08-21 | Cross site scripting vulnerability in Self Service Password Reset |
| CVE-2020-11846 | 2024-08-21 | Improper handling of token allows access to restricted resource in Privileged Access Manager |
| CVE-2020-11847 | 2024-08-21 | Vulnerability in sshrelay in privileged access manager provides full system access. |
| CVE-2024-8007 | 2024-08-21 | Openstack-tripleo-common: rhosp director disables tls verification for registry mirrors |
| CVE-2024-28000 | 2024-08-21 | WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability |
| CVE-2024-7885 | 2024-08-21 | Undertow: improper state management in proxy protocol parsing causes information leakage |
| CVE-2024-41674 | 2024-08-21 | CKAN may leak Solr credentials via error message in package_search action |
| CVE-2024-41675 | 2024-08-21 | CKAN has a Cross-site Scripting vector in the Datatables view plugin |
| CVE-2024-43371 | 2024-08-21 | Potential access to sensitive URLs via CKAN extensions (SSRF) |
| CVE-2024-43407 | 2024-08-21 | Code Snippet GeSHi plugin has reflected cross-site scripting (XSS) vulnerability |
| CVE-2024-43410 | 2024-08-21 | Russh has an OOM Denial of Service due to allocation of untrusted amount |
| CVE-2024-43411 | 2024-08-21 | CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover |
| CVE-2022-26328 | 2024-08-21 | User enumeration vulnerability has been discovered in OpenText™ Performance Center |
| CVE-2022-26327 | 2024-08-21 | Stored cross-site scripting (XSS) has been discovered in OpenText™ Performance Center |
| CVE-2024-41937 | 2024-08-21 | Apache Airflow: Stored XSS Vulnerability on provider link |
| CVE-2024-7795 | 2024-08-21 | Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2024-7722 | 2024-08-21 | Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability |
| CVE-2024-7723 | 2024-08-21 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-7724 | 2024-08-21 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-7725 | 2024-08-21 | Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-21690 | 2024-08-21 | This High severity Reflected XSS and CSRF (Cross-Site Request Forgery)... |
| CVE-2024-7600 | 2024-08-21 | Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability |
| CVE-2024-7601 | 2024-08-21 | Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability |