CVE List - 2024 / August
Showing 301 - 400 of 2898 CVEs for August 2024 (Page 4 of 29)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-33026 | 2024-08-05 | Buffer Over-read in WLAN Host |
| CVE-2024-33027 | 2024-08-05 | Improper Access Control in Graphics Linux |
| CVE-2024-33028 | 2024-08-05 | Use After Free in Automotive Telematics |
| CVE-2024-33034 | 2024-08-05 | Use After Free in Graphics Linux |
| CVE-2023-31355 | 2024-08-05 | Improper restriction of write operations in SNP firmware could allow... |
| CVE-2024-21978 | 2024-08-05 | Improper input validation in SEV-SNP could allow a malicious hypervisor... |
| CVE-2024-21980 | 2024-08-05 | Improper restriction of write operations in SNP firmware could allow... |
| CVE-2024-6361 | 2024-08-05 | Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane product. |
| CVE-2024-6915 | 2024-08-05 | JFrog Artifactory Cache Poisoning |
| CVE-2024-42350 | 2024-08-05 | Public key confusion in third party block in Biscuit |
| CVE-2024-41958 | 2024-08-05 | Two-Factor Authentication (2FA) Bypass in mailcow: dockerized |
| CVE-2024-41959 | 2024-08-05 | Cross-site Scripting (XSS) via API Logs in mailcow: dockerized |
| CVE-2024-41960 | 2024-08-05 | Cross-site Scripting (XSS) via Relay Hosts Configuration in mailcow: dockerized |
| CVE-2024-41820 | 2024-08-05 | Cluster-level privilege escalation in kubean |
| CVE-2024-41816 | 2024-08-05 | WordPress Cooked Plugin Persistent Cross-Site Scripting via Shortcode |
| CVE-2024-41811 | 2024-08-05 | ipl/web susceptible to Cross-Site Request Forgery (CSRF) |
| CVE-2024-23657 | 2024-08-05 | Path Traversal: '../filedir' in Nuxt Devtools |
| CVE-2024-34343 | 2024-08-05 | Cross-site Scripting (XSS) in navigateTo if used after SSR in nuxt |
| CVE-2024-34344 | 2024-08-05 | Remote code execution via the browser when running the test locally in nuxt |
| CVE-2024-42352 | 2024-08-05 | Server-Side Request Forgery (SSRF) in nuxt-icon |
| CVE-2024-7494 | 2024-08-05 | SourceCodester Clinics Patient Management System new_prescription.php sql injection |
| CVE-2024-7537 | 2024-08-05 | oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-7538 | 2024-08-05 | oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability |
| CVE-2024-7539 | 2024-08-05 | oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability |
| CVE-2024-7540 | 2024-08-05 | oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2024-7541 | 2024-08-05 | oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2024-7542 | 2024-08-05 | oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2024-7543 | 2024-08-05 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| CVE-2024-7544 | 2024-08-05 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| CVE-2024-7545 | 2024-08-05 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| CVE-2024-7546 | 2024-08-05 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| CVE-2024-7547 | 2024-08-05 | oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| CVE-2023-40819 | 2024-08-06 | ID4Portais in version < V.2022.837.002a returns message parameter unsanitized in... |
| CVE-2024-28739 | 2024-08-06 | An issue in Koha ILS 23.05 and before allows a... |
| CVE-2024-28740 | 2024-08-06 | Cross Site Scripting vulnerability in Koha ILS 23.05 and before... |
| CVE-2024-30170 | 2024-08-06 | PrivX before 34.0 allows data exfiltration and denial of service... |
| CVE-2024-33897 | 2024-08-06 | A compromised HMS Networks Cosy+ device could be used to... |
| CVE-2024-39225 | 2024-08-06 | GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12,... |
| CVE-2024-39226 | 2024-08-06 | GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12,... |
| CVE-2024-39227 | 2024-08-06 | GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12,... |
| CVE-2024-39228 | 2024-08-06 | GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12,... |
| CVE-2024-39229 | 2024-08-06 | An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300... |
| CVE-2024-41226 | 2024-08-06 | A CSV injection vulnerability in Automation Anywhere Automation 360 version... |
| CVE-2024-41270 | 2024-08-06 | An issue discovered in the RunHTTPServer function in Gorush v1.18.4... |
| CVE-2024-41616 | 2024-08-06 | D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the... |
| CVE-2024-42218 | 2024-08-06 | 1Password 8 before 8.10.38 for macOS allows local attackers to... |
| CVE-2024-42219 | 2024-08-06 | 1Password 8 before 8.10.36 for macOS allows local attackers to... |
| CVE-2024-36424 | 2024-08-06 | K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users... |
| CVE-2024-40101 | 2024-08-06 | A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in... |
| CVE-2024-41333 | 2024-08-06 | A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management... |
| CVE-2024-7495 | 2024-08-06 | itsourcecode Laravel Accounting System HomeController.php unrestricted upload |
| CVE-2024-7496 | 2024-08-06 | itsourcecode Airline Reservation System index.php file inclusion |
| CVE-2024-7484 | 2024-08-06 | CRM Perks Forms <= 1.1.3 - Authenticated (Administrator+) Arbitrary File Upload |
| CVE-2024-6315 | 2024-08-06 | Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload |
| CVE-2023-5000 | 2024-08-06 | Horizontal scrolling announcements <= 2.4 - Authenticated (Contributor+) SQL Injection via Shortcode |
| CVE-2024-7485 | 2024-08-06 | Traffic Manager <= 1.4.5 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2024-7497 | 2024-08-06 | itsourcecode Airline Reservation System index.php file inclusion |
| CVE-2024-5963 | 2024-08-06 | An unquoted executable path exists in Hitachi Device Manager |
| CVE-2024-5828 | 2024-08-06 | EL Injection Vulnerability in Hitachi Tuning Manager |
| CVE-2024-7498 | 2024-08-06 | itsourcecode Airline Reservation System Admin Login Page login.php login2 sql injection |
| CVE-2024-7499 | 2024-08-06 | itsourcecode Airline Reservation System flights.php sql injection |
| CVE-2024-6886 | 2024-08-06 | Inproper Sanitation of field leading to stored XSS |
| CVE-2024-7500 | 2024-08-06 | itsourcecode Airline Reservation System admin_class.php save_settings unrestricted upload |
| CVE-2024-6781 | 2024-08-06 | Calibre Arbitrary File Read |
| CVE-2024-6782 | 2024-08-06 | Calibre Remote Code Execution |
| CVE-2024-7008 | 2024-08-06 | Calibre Reflected Cross-Site Scripting (XSS) |
| CVE-2024-7009 | 2024-08-06 | Calibre SQL Injection |
| CVE-2024-28962 | 2024-08-06 | Dell Command | Update, Dell Update, and Alienware Update UWP,... |
| CVE-2024-7505 | 2024-08-06 | itsourcecode Bike Delivery System contact_us_action.php sql injection |
| CVE-2024-7506 | 2024-08-06 | itsourcecode Tailoring Management System setlogo.php unrestricted upload |
| CVE-2024-39817 | 2024-08-06 | Insertion of sensitive information into sent data issue exists in... |
| CVE-2024-5708 | 2024-08-06 | WPBakery <= 7.7 - Authenticated (Author+) Stored Cross-Site Scripting |
| CVE-2024-5709 | 2024-08-06 | WPBakery <= 7.7 - Authenticated (Author+) Local File Inclusion |
| CVE-2024-6200 | 2024-08-06 | HaloITSM - Stored Cross-Site Scripting in Tickets |
| CVE-2024-6201 | 2024-08-06 | HaloITSM - Emailing Template Injection |
| CVE-2024-6651 | 2024-08-06 | WordPress File Upload < 4.24.8 - Reflected XSS |
| CVE-2024-6766 | 2024-08-06 | Shortcodes Ultimate Pro < 7.2.1 - Contributor+ Stored XSS |
| CVE-2024-7082 | 2024-08-06 | easy-table-of-contents < 2.0.68 - Editor+ Stored XSS |
| CVE-2024-7084 | 2024-08-06 | Ajax Search Lite < 4.12.1 - Admin+ Stored XSS |
| CVE-2024-7055 | 2024-08-06 | FFmpeg pnmdec.c pnm_decode_frame heap-based overflow |
| CVE-2024-6202 | 2024-08-06 | HaloITSM - SAML XML Signature Wrapping (XSW) |
| CVE-2024-6203 | 2024-08-06 | HaloITSM - Password Reset Poisoning |
| CVE-2024-41995 | 2024-08-06 | Initialization of a resource with an insecure default vulnerability exists... |
| CVE-2024-7246 | 2024-08-06 | HPACK table poisoning in gRPC C++, Python & Ruby |
| CVE-2024-33975 | 2024-08-06 | Cross-site Scripting in Janobe E-Negosyo System |
| CVE-2024-33976 | 2024-08-06 | Cross-site Scripting in Janobe E-Negosyo System |
| CVE-2024-33977 | 2024-08-06 | Cross-site Scripting in Janobe E-Negosyo System |
| CVE-2024-7317 | 2024-08-06 | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload |
| CVE-2024-33978 | 2024-08-06 | Cross-site Scripting in Janobe E-Negosyo System |
| CVE-2024-33957 | 2024-08-06 | SQL injection in Janobe E-Negosyo System |
| CVE-2024-33958 | 2024-08-06 | SQL injection in Janobe E-Negosyo System |
| CVE-2024-33979 | 2024-08-06 | Cross-site Scripting in Janobe products |
| CVE-2024-33980 | 2024-08-06 | Cross-site Scripting in Janobe products |
| CVE-2024-33981 | 2024-08-06 | Cross-site Scripting in Janobe products |
| CVE-2024-33959 | 2024-08-06 | SQL injection in Janobe products |
| CVE-2024-33960 | 2024-08-06 | SQL injection in Janobe products |
| CVE-2024-33961 | 2024-08-06 | SQL injection in Janobe products |
| CVE-2024-33962 | 2024-08-06 | SQL injection in Janobe products |
| CVE-2024-33963 | 2024-08-06 | SQL injection in Janobe products |
| CVE-2024-33964 | 2024-08-06 | SQL injection in Janobe products |