CVE List - 2024 / August
Showing 2601 - 2700 of 2898 CVEs for August 2024 (Page 27 of 29)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-8219 | 2024-08-27 | code-projects Responsive Hotel Site index.php sql injection |
| CVE-2024-8220 | 2024-08-27 | itsourcecode Tailoring Management System staffedit.php sql injection |
| CVE-2024-8221 | 2024-08-27 | SourceCodester Music Gallery Site manage_category.php sql injection |
| CVE-2024-8222 | 2024-08-27 | SourceCodester Music Gallery Site sql injection |
| CVE-2024-8223 | 2024-08-27 | SourceCodester Music Gallery Site Master.php sql injection |
| CVE-2024-8224 | 2024-08-27 | Tenda G3 setDebugCfg formSetDebugCfg stack-based overflow |
| CVE-2024-8225 | 2024-08-27 | Tenda G3 SetSysTimeCfg formSetSysTime stack-based overflow |
| CVE-2024-8226 | 2024-08-27 | Tenda O1 setcfm formSetCfm stack-based overflow |
| CVE-2023-45896 | 2024-08-28 | ntfs3 in the Linux kernel through 6.8.0 allows a physically... |
| CVE-2024-34195 | 2024-08-28 | TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to... |
| CVE-2024-34198 | 2024-08-28 | TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer... |
| CVE-2024-41236 | 2024-08-28 | A SQL injection vulnerability in /smsa/admin_login.php in Kashipara Responsive School... |
| CVE-2024-42793 | 2024-08-28 | A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara... |
| CVE-2024-42900 | 2024-08-28 | Ruoyi v4.7.9 and before was discovered to contain a cross-site... |
| CVE-2024-42905 | 2024-08-28 | Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has... |
| CVE-2024-44760 | 2024-08-28 | Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News... |
| CVE-2024-44761 | 2024-08-28 | An issue in EQ Enterprise Management System before v2.0.0 allows... |
| CVE-2024-44913 | 2024-08-28 | An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows... |
| CVE-2024-44914 | 2024-08-28 | An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows... |
| CVE-2024-44915 | 2024-08-28 | An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows... |
| CVE-2024-45232 | 2024-08-28 | An issue was discovered in powermail extension through 12.3.5 for... |
| CVE-2024-45233 | 2024-08-28 | An issue was discovered in powermail extension through 12.3.5 for... |
| CVE-2024-41564 | 2024-08-28 | EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper... |
| CVE-2024-41565 | 2024-08-28 | JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of... |
| CVE-2024-42698 | 2024-08-28 | Roughly Enough Items (REI) v.16.0.729 and before contains an Improper... |
| CVE-2024-8227 | 2024-08-28 | Tenda O1 DhcpSetSer fromDhcpSetSer stack-based overflow |
| CVE-2024-8228 | 2024-08-28 | Tenda O5 setMacFilterList fromSafeSetMacFilter stack-based overflow |
| CVE-2024-8229 | 2024-08-28 | Tenda O6 operateMacFilter frommacFilterModify stack-based overflow |
| CVE-2024-8230 | 2024-08-28 | Tenda O6 setMacFilterList fromSafeSetMacFilter stack-based overflow |
| CVE-2024-8231 | 2024-08-28 | Tenda O6 setPortForward fromVirtualSet stack-based overflow |
| CVE-2024-7573 | 2024-08-28 | Relevanssi Live Ajax Search <= 2.4 - Unauthenticated WP_Query Argument Injection |
| CVE-2024-8030 | 2024-08-28 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.0.3 - Unauthenticated PHP Object Injection |
| CVE-2024-6448 | 2024-08-28 | Mollie Payments for WooCommerce <= 7.7.0 - Unauthenticated Full Path Disclosure |
| CVE-2023-43078 | 2024-08-28 | Dell Dock Firmware and Dell Client Platform contain an Improper... |
| CVE-2024-39584 | 2024-08-28 | Dell Client Platform BIOS contains a Use of Default Cryptographic... |
| CVE-2024-39771 | 2024-08-28 | QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2... |
| CVE-2024-4556 | 2024-08-28 | Directory traversal vulnerability in NetIQ Access Manager |
| CVE-2024-4555 | 2024-08-28 | User impersonation with MFA when configure in specific way |
| CVE-2024-4554 | 2024-08-28 | Multiple xss vulnerability in NetIQ Access Manager |
| CVE-2021-38122 | 2024-08-28 | Cross-Site Scripting (XSS) in Advance Authentication |
| CVE-2021-38121 | 2024-08-28 | Weak communication protocol identified in Advance Authentication client application |
| CVE-2021-38120 | 2024-08-28 | Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication |
| CVE-2021-22530 | 2024-08-28 | Improper account management vulnerability in NetIQ Advance Authentication |
| CVE-2021-22529 | 2024-08-28 | Sensitive Data Exposure leaks potential information in NetIQ Advance Authentication |
| CVE-2021-22509 | 2024-08-28 | Handling of sensitive data in process memory in NetIQ Advance Authentication |
| CVE-2024-6312 | 2024-08-28 | Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Deletion |
| CVE-2024-6311 | 2024-08-28 | Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Upload |
| CVE-2024-45346 | 2024-08-28 | GetApps application has code execution vulnerability |
| CVE-2024-44943 | 2024-08-28 | mm: gup: stop abusing try_grab_folio |
| CVE-2023-26324 | 2024-08-28 | GetApps application has code execution vulnerability |
| CVE-2023-26321 | 2024-08-28 | The international version of Xiaomi File Manager has a path traversal vulnerability |
| CVE-2023-26323 | 2024-08-28 | Xiaomi App Market has a code execution vulnerability |
| CVE-2023-26322 | 2024-08-28 | GetApps application has code execution vulnerability |
| CVE-2024-5546 | 2024-08-28 | SQL Injection |
| CVE-2024-7269 | 2024-08-28 | Stored XSS in ConnX ESP HR Management |
| CVE-2024-7447 | 2024-08-28 | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Upload |
| CVE-2024-6449 | 2024-08-28 | Arbitrary cross-domain file inclusion in HyperView Geoportal Toolkit |
| CVE-2024-6450 | 2024-08-28 | Reflected XSS in HyperView Geoportal Toolkit |
| CVE-2024-8195 | 2024-08-28 | Permalink Manager Lite <= 2.4.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure |
| CVE-2024-20279 | 2024-08-28 | Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability |
| CVE-2024-20413 | 2024-08-28 | Cisco NX-OS Bash Privilege Escalation Vulnerability |
| CVE-2024-20411 | 2024-08-28 | Cisco NX-OS Bash Arbitrary Code Execution Vulnerability |
| CVE-2024-20478 | 2024-08-28 | Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability |
| CVE-2024-7744 | 2024-08-28 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP Server |
| CVE-2024-6053 | 2024-08-28 | Improper access control in the clipboard synchronization feature |
| CVE-2024-7745 | 2024-08-28 | Multi-Factor Authentication Bypass in Progress WS_FTP Server |
| CVE-2024-20289 | 2024-08-28 | Cisco NX-OS Software Command Injection Vulnerability |
| CVE-2024-20446 | 2024-08-28 | Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability |
| CVE-2024-20286 | 2024-08-28 | Cisco NX-OS Software Python Parser Escape Vulnerability |
| CVE-2024-20285 | 2024-08-28 | Cisco NX-OS Software Python Parser Escape Vulnerability |
| CVE-2024-20284 | 2024-08-28 | Cisco NX-OS Software Python Parser Escape Vulnerability |
| CVE-2024-43805 | 2024-08-28 | HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering |
| CVE-2024-45054 | 2024-08-28 | Potential Permission Leakage of Cluster Level in hwameistor |
| CVE-2024-45043 | 2024-08-28 | OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Vulnerability |
| CVE-2024-45057 | 2024-08-28 | Reflected Cross-Site Scripting in i-Educar |
| CVE-2024-45058 | 2024-08-28 | Privilege escalation in i-Educar |
| CVE-2024-45059 | 2024-08-28 | Authenticated SQL Injection in i-Educar |
| CVE-2024-45048 | 2024-08-28 | XML External Entity Reference (XXE) in PHPSpreadsheet |
| CVE-2024-45046 | 2024-08-28 | PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information |
| CVE-2024-8193 | 2024-08-28 | Heap buffer overflow in Skia in Google Chrome prior to... |
| CVE-2024-8194 | 2024-08-28 | Type Confusion in V8 in Google Chrome prior to 128.0.6613.113... |
| CVE-2024-8198 | 2024-08-28 | Heap buffer overflow in Skia in Google Chrome prior to... |
| CVE-2024-8250 | 2024-08-28 | Expired Pointer Dereference in Wireshark |
| CVE-2024-41345 | 2024-08-29 | openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via... |
| CVE-2024-41346 | 2024-08-29 | openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via... |
| CVE-2024-41347 | 2024-08-29 | openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via... |
| CVE-2024-41348 | 2024-08-29 | openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via... |
| CVE-2024-41350 | 2024-08-29 | bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2024-41351 | 2024-08-29 | bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS)... |
| CVE-2024-41361 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41364 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41366 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41367 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41368 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41369 | 2024-08-29 | RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution... |
| CVE-2024-41370 | 2024-08-29 | Organizr v1.90 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-41371 | 2024-08-29 | Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via... |
| CVE-2024-41372 | 2024-08-29 | Organizr v1.90 was discovered to contain a SQL injection vulnerability... |
| CVE-2024-44777 | 2024-08-29 | A reflected cross-site scripting (XSS) vulnerability in the tag parameter... |
| CVE-2024-44778 | 2024-08-29 | A reflected cross-site scripting (XSS) vulnerability in the parent parameter... |