CVE List - 2024 / August
Showing 1001 - 1100 of 2898 CVEs for August 2024 (Page 11 of 29)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-38724 | 2024-08-13 | WordPress Contact Form 7 Summary and Print plugin <= 1.2.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability |
| CVE-2024-38742 | 2024-08-13 | WordPress MBE eShip plugin <= 2.1.2 - Sensitive Data Exposure vulnerability |
| CVE-2024-2259 | 2024-08-13 | Reflected XXS Vulnerability in InstaRISPACS Software |
| CVE-2024-38747 | 2024-08-13 | WordPress HitPay Payment Gateway for WooCommerce plugin <= 4.1.3 - Sensitive Data Exposure via Log File vulnerability |
| CVE-2024-38749 | 2024-08-13 | WordPress Olive One Click Demo Import plugin <= 1.1.2 - Sensitive Data Exposure vulnerability |
| CVE-2024-38752 | 2024-08-13 | WordPress Zoho Campaigns plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38756 | 2024-08-13 | WordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerability |
| CVE-2024-38760 | 2024-08-13 | WordPress Send Users Email plugin <= 1.5.1 - Sensitive Data Exposure vulnerability |
| CVE-2024-38787 | 2024-08-13 | WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability |
| CVE-2024-39642 | 2024-08-13 | WordPress LearnPress plugin <= 4.2.6.8.2 - Insecure Direct Object References (IDOR) vulnerability |
| CVE-2024-39651 | 2024-08-13 | WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerability |
| CVE-2024-43121 | 2024-08-13 | WordPress HUSKY plugin <= 1.3.6.1 - Privilege Escalation vulnerability |
| CVE-2024-43128 | 2024-08-13 | WordPress WooCommerce Product Table Lite plugin <= 3.5.1 - Arbitrary Code Execution vulnerability |
| CVE-2024-43129 | 2024-08-13 | WordPress BetterDocs plugin <= 3.5.8 - Local File Inclusion vulnerability |
| CVE-2024-43131 | 2024-08-13 | WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated Arbitrary Post/Page Deletion vulnerability |
| CVE-2024-43135 | 2024-08-13 | WordPress WPCafe plugin <= 2.2.28 - Local File Inclusion vulnerability |
| CVE-2024-40697 | 2024-08-13 | IBM Common Licensing information disclosure |
| CVE-2024-41774 | 2024-08-13 | IBM Common Licensing cross-site scripting |
| CVE-2024-35124 | 2024-08-13 | IBM OpenBMC authentication bypass |
| CVE-2024-37287 | 2024-08-13 | Kibana arbitrary code execution via prototype pollution |
| CVE-2024-43138 | 2024-08-13 | WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.2.1 - Local File Inclusion vulnerability |
| CVE-2024-43140 | 2024-08-13 | WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerability |
| CVE-2024-43141 | 2024-08-13 | WordPress Participants Database plugin <= 2.5.9.2 - PHP Object Injection vulnerability |
| CVE-2024-43153 | 2024-08-13 | WordPress Woffice theme <= 5.4.10 - Unauthenticated Privilege Escalation vulnerability |
| CVE-2024-43160 | 2024-08-13 | WordPress BerqWP plugin <= 1.7.6 - Unauthenticated Arbitrary File Upload vulnerability |
| CVE-2024-43165 | 2024-08-13 | WordPress WPSection plugin <= 1.3.8 - Contributor+ Limited Local File Inclusion vulnerability |
| CVE-2024-3913 | 2024-08-13 | Phoenix Contact: Start sequence allows attack during the boot process |
| CVE-2024-5849 | 2024-08-13 | Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows reflected XSS |
| CVE-2024-38501 | 2024-08-13 | Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows HTML injection |
| CVE-2024-38502 | 2024-08-13 | Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows stored XSS |
| CVE-2024-6788 | 2024-08-13 | Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password |
| CVE-2024-6384 | 2024-08-13 | Backup files may be downloaded by underprivileged users in MongoDB Enterprise Server |
| CVE-2024-7746 | 2024-08-13 | Use of default credentials at Traccar fleet management solution |
| CVE-2023-26211 | 2024-08-13 | An improper neutralization of input during web page generation ('cross-site... |
| CVE-2024-36505 | 2024-08-13 | An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through... |
| CVE-2022-45862 | 2024-08-13 | An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5... |
| CVE-2022-27486 | 2024-08-13 | A improper neutralization of special elements used in an os... |
| CVE-2024-21757 | 2024-08-13 | A unverified password change in Fortinet FortiManager versions 7.0.0 through... |
| CVE-2024-7113 | 2024-08-13 | Allocation of Resources Without Limits or Throttling in AVEVA SuiteLink Server |
| CVE-2024-6618 | 2024-08-13 | Path Traversal in Ocean Data Systems Dream Report |
| CVE-2024-6619 | 2024-08-13 | Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report |
| CVE-2021-26344 | 2024-08-13 | An out of bounds memory write when processing the AMD... |
| CVE-2021-26367 | 2024-08-13 | A malicious attacker in x86 can misconfigure the Trusted Memory... |
| CVE-2021-26387 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged... |
| CVE-2021-46746 | 2024-08-13 | Lack of stack protection exploit mechanisms in ASP Secure OS... |
| CVE-2021-46772 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged... |
| CVE-2022-23815 | 2024-08-13 | Improper bounds checking in APCB firmware may allow an attacker... |
| CVE-2022-23817 | 2024-08-13 | Insufficient checking of memory buffer in ASP Secure OS may... |
| CVE-2023-20509 | 2024-08-13 | An insufficient DRAM address validation in PMFW may allow a... |
| CVE-2023-20510 | 2024-08-13 | An insufficient DRAM address validation in PMFW may allow a... |
| CVE-2023-20512 | 2024-08-13 | A hardcoded AES key in PMFW may result in a... |
| CVE-2023-20513 | 2024-08-13 | An insufficient bounds check in PMFW (Power Management Firmware) may... |
| CVE-2023-20518 | 2024-08-13 | Incomplete cleanup in the ASP may expose the Master Encryption... |
| CVE-2023-20578 | 2024-08-13 | A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with... |
| CVE-2023-20584 | 2024-08-13 | IOMMU improperly handles certain special address ranges with invalid device... |
| CVE-2023-20591 | 2024-08-13 | Improper re-initialization of IOMMU during the DRTM event may permit... |
| CVE-2023-31305 | 2024-08-13 | Generation of weak and predictable Initialization Vector (IV) in PMFW... |
| CVE-2023-31304 | 2024-08-13 | Improper input validation in SMU may allow an attacker with... |
| CVE-2023-31307 | 2024-08-13 | Improper validation of array index in Power Management Firmware (PMFW)... |
| CVE-2023-31310 | 2024-08-13 | Improper input validation in Power Management Firmware (PMFW) may allow... |
| CVE-2023-31356 | 2024-08-13 | Incomplete system memory cleanup in SEV firmware could allow a... |
| CVE-2024-21981 | 2024-08-13 | Improper key usage control in AMD Secure Processor (ASP) may... |
| CVE-2023-31339 | 2024-08-13 | Improper input validation in ARM® Trusted Firmware used in AMD’s... |
| CVE-2023-31341 | 2024-08-13 | Insufficient validation of the Input Output Control (IOCTL) input buffer... |
| CVE-2023-31348 | 2024-08-13 | A DLL hijacking vulnerability in AMD μProf could allow an... |
| CVE-2023-31349 | 2024-08-13 | Incorrect default permissions in the AMD μProf installation directory could... |
| CVE-2023-31366 | 2024-08-13 | Improper input validation in AMD μProf could allow an attacker... |
| CVE-2024-38108 | 2024-08-13 | Azure Stack Hub Spoofing Vulnerability |
| CVE-2024-38123 | 2024-08-13 | Windows Bluetooth Driver Information Disclosure Vulnerability |
| CVE-2024-38159 | 2024-08-13 | Windows Network Virtualization Remote Code Execution Vulnerability |
| CVE-2024-38160 | 2024-08-13 | Windows Network Virtualization Remote Code Execution Vulnerability |
| CVE-2024-38161 | 2024-08-13 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
| CVE-2024-38167 | 2024-08-13 | .NET and Visual Studio Information Disclosure Vulnerability |
| CVE-2024-38168 | 2024-08-13 | .NET and Visual Studio Denial of Service Vulnerability |
| CVE-2024-38172 | 2024-08-13 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2024-38178 | 2024-08-13 | Scripting Engine Memory Corruption Vulnerability |
| CVE-2024-38184 | 2024-08-13 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| CVE-2024-38191 | 2024-08-13 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38193 | 2024-08-13 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2024-38196 | 2024-08-13 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2024-38197 | 2024-08-13 | Microsoft Teams for iOS Spoofing Vulnerability |
| CVE-2024-38198 | 2024-08-13 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2024-38199 | 2024-08-13 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability |
| CVE-2024-38201 | 2024-08-13 | Azure Stack Hub Elevation of Privilege Vulnerability |
| CVE-2024-38213 | 2024-08-13 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2024-38084 | 2024-08-13 | Microsoft OfficePlus Elevation of Privilege Vulnerability |
| CVE-2024-38063 | 2024-08-13 | Windows TCP/IP Remote Code Execution Vulnerability |
| CVE-2024-38098 | 2024-08-13 | Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| CVE-2024-38106 | 2024-08-13 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2024-38107 | 2024-08-13 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability |
| CVE-2024-29995 | 2024-08-13 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2024-38114 | 2024-08-13 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability |
| CVE-2024-38115 | 2024-08-13 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability |
| CVE-2024-38116 | 2024-08-13 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability |
| CVE-2024-38117 | 2024-08-13 | NTFS Elevation of Privilege Vulnerability |
| CVE-2024-38118 | 2024-08-13 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability |
| CVE-2024-38121 | 2024-08-13 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2024-38122 | 2024-08-13 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability |
| CVE-2024-38125 | 2024-08-13 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2024-38126 | 2024-08-13 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |