CVE List - 2024 / September
Showing 1001 - 1100 of 2518 CVEs for September 2024 (Page 11 of 26)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-8622 | 2024-09-12 | amCharts: Charts and Maps <= 1.4.4 - Reflected Cross-Site Scripting via Cross-Site Request Forgery |
| CVE-2024-8529 | 2024-09-12 | LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields' |
| CVE-2024-8522 | 2024-09-12 | LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields' |
| CVE-2024-2010 | 2024-09-12 | Reflected XSS in TE Informatics' V5 Software |
| CVE-2024-8749 | 2024-09-12 | SQL Injection vulnerability in Idoit pro |
| CVE-2024-8750 | 2024-09-12 | Cross-site Scripting vulnerability in Idoit pro |
| CVE-2022-26322 | 2024-09-12 | Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager |
| CVE-2021-38133 | 2024-09-12 | Possible Improper authentication Vulnerability in OpenText eDirectory |
| CVE-2021-38132 | 2024-09-12 | Possible External service interaction Vulnerability |
| CVE-2021-38131 | 2024-09-12 | Cross-Site Scripting (XSS) Vulnerability |
| CVE-2021-22533 | 2024-09-12 | Possible Insertion of Sensitive Information into Log File Vulnerability |
| CVE-2021-22532 | 2024-09-12 | Possible NLDAP Denial of Service attack Vulnerability |
| CVE-2021-22518 | 2024-09-12 | Sensitive Information logging in NetIQ Identity Manager Driver |
| CVE-2021-22503 | 2024-09-12 | Improper Neutralization of Input During Web Page Generation Vulnerability |
| CVE-2024-27320 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 0.0.8 and... |
| CVE-2024-27321 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 0.0.8 and... |
| CVE-2024-45857 | 2024-09-12 | Deserialization of untrusted data can occur in versions 2.4.0 or... |
| CVE-2024-45846 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.10.3.0 up... |
| CVE-2024-45847 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.11.4.2 up... |
| CVE-2024-45848 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.12.4.0 up... |
| CVE-2024-45849 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.10.5.0 up... |
| CVE-2024-45850 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.10.5.0 up... |
| CVE-2024-45851 | 2024-09-12 | An arbitrary code execution vulnerability exists in versions 23.10.5.0 up... |
| CVE-2024-45852 | 2024-09-12 | Deserialization of untrusted data can occur in versions 23.3.2.0 and... |
| CVE-2024-45853 | 2024-09-12 | Deserialization of untrusted data can occur in versions 23.10.2.0 and... |
| CVE-2024-3305 | 2024-09-12 | Information Disclosure in Utarit Information's SoliClub |
| CVE-2024-45854 | 2024-09-12 | Deserialization of untrusted data can occur in versions 23.10.3.0 and... |
| CVE-2024-45855 | 2024-09-12 | Deserialization of untrusted data can occur in versions 23.10.2.0 and... |
| CVE-2024-45856 | 2024-09-12 | A cross-site scripting (XSS) vulnerability exists in all versions of... |
| CVE-2024-3306 | 2024-09-12 | IDOR in Utarit Information's SoliClub |
| CVE-2024-28990 | 2024-09-12 | SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability |
| CVE-2024-28991 | 2024-09-12 | SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution |
| CVE-2024-45824 | 2024-09-12 | FactoryTalk® View Site Edition Remote Code Execution Vulnerability via Lack of Input Validation |
| CVE-2024-42484 | 2024-09-12 | ESP-NOW OOB Vulnerability In Group Type Message |
| CVE-2024-42483 | 2024-09-12 | ESP-NOW Replay Attacks Vulnerability |
| CVE-2024-6510 | 2024-09-12 | Local privilege escalation vulnerability in AVG Internet Security |
| CVE-2024-45823 | 2024-09-12 | FactoryTalk® Batch View™ Authentication Bypass Vulnerability via shared secrets |
| CVE-2024-6700 | 2024-09-12 | Pega Platform versions 8.1 to Infinity 24.1.2 are affected by... |
| CVE-2024-6701 | 2024-09-12 | Pega Platform versions 8.1 to Infinity 24.1.2 are affected by... |
| CVE-2024-6702 | 2024-09-12 | Pega Platform versions 8.1 to Infinity 24.1.2 are affected by... |
| CVE-2024-45825 | 2024-09-12 | 5015-U8IHFT Denial-of-Service Vulnerability via CIP Message |
| CVE-2024-45826 | 2024-09-12 | ThinManager® Code Execution Vulnerability |
| CVE-2024-6658 | 2024-09-12 | Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection. |
| CVE-2024-6840 | 2024-09-12 | Automation-controller: gain access to the k8s api server via job execution with container group |
| CVE-2024-8640 | 2024-09-12 | Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab |
| CVE-2024-8124 | 2024-09-12 | Inefficient Regular Expression Complexity in GitLab |
| CVE-2024-6389 | 2024-09-12 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab |
| CVE-2024-6446 | 2024-09-12 | Business Logic Errors in GitLab |
| CVE-2024-5435 | 2024-09-12 | Generation of Error Message Containing Sensitive Information in GitLab |
| CVE-2024-4660 | 2024-09-12 | Missing Authorization in GitLab |
| CVE-2024-4612 | 2024-09-12 | URL Redirection to Untrusted Site ('Open Redirect') in GitLab |
| CVE-2024-2743 | 2024-09-12 | Incorrect Authorization in GitLab |
| CVE-2024-8635 | 2024-09-12 | Server-Side Request Forgery (SSRF) in GitLab |
| CVE-2024-8754 | 2024-09-12 | External Control of Critical State Data in GitLab |
| CVE-2024-8631 | 2024-09-12 | Privilege Defined With Unsafe Actions in GitLab |
| CVE-2024-8695 | 2024-09-12 | A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. |
| CVE-2024-8696 | 2024-09-12 | A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. |
| CVE-2024-45303 | 2024-09-12 | Discourse Calendar plugin event names susceptible to XSS |
| CVE-2024-45383 | 2024-09-12 | A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA... |
| CVE-2024-8641 | 2024-09-12 | Privilege Context Switching Error in GitLab |
| CVE-2024-6678 | 2024-09-12 | Authentication Bypass by Spoofing in GitLab |
| CVE-2024-4472 | 2024-09-12 | Insertion of Sensitive Information into Log File in GitLab |
| CVE-2024-8311 | 2024-09-12 | Improper Protection of Alternate Path in GitLab |
| CVE-2024-20430 | 2024-09-12 | Cisco Meraki Systems Manager Agent for Windows Privilege Escalation Vulnerability |
| CVE-2024-45607 | 2024-09-12 | whatsapp-api-js fails to validate message's signature |
| CVE-2024-6077 | 2024-09-12 | Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix® 5380 Vulnerable to DoS vulnerability via CIP |
| CVE-2024-8533 | 2024-09-12 | Rockwell Automation OptixPanel™ Privilege Escalation Vulnerability via File Permissions |
| CVE-2024-7960 | 2024-09-12 | Rockwell Automation Incorrect Privileges and Path Traversal Vulnerability in Pavilion8® |
| CVE-2024-7961 | 2024-09-12 | Rockwell Automation Path Traversal Vulnerability in Pavilion8® |
| CVE-2024-8751 | 2024-09-12 | Vulnerability in SICK MSC800 |
| CVE-2024-44430 | 2024-09-13 | SQL Injection vulnerability in Best Free Law Office Management Software-v1.0... |
| CVE-2024-44685 | 2024-09-13 | Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have... |
| CVE-2024-44798 | 2024-09-13 | phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site... |
| CVE-2024-46044 | 2024-09-13 | CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the... |
| CVE-2024-46045 | 2024-09-13 | Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in... |
| CVE-2024-46046 | 2024-09-13 | Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in... |
| CVE-2024-46047 | 2024-09-13 | Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the... |
| CVE-2024-46048 | 2024-09-13 | Tenda FH451 v1.0.0.9 has a command injection vulnerability in the... |
| CVE-2024-46049 | 2024-09-13 | Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability... |
| CVE-2024-39924 | 2024-09-13 | An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A... |
| CVE-2024-39925 | 2024-09-13 | An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. It... |
| CVE-2024-39926 | 2024-09-13 | An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A... |
| CVE-2024-8762 | 2024-09-13 | code-projects Crud Operation System updatedata.php sql injection |
| CVE-2024-43180 | 2024-09-13 | IBM Concert information disclosure |
| CVE-2024-8656 | 2024-09-13 | WPFactory Helper <= 1.7.0 - Reflected Cross-Site Scripting |
| CVE-2024-46673 | 2024-09-13 | scsi: aacraid: Fix double-free on probe failure |
| CVE-2024-46674 | 2024-09-13 | usb: dwc3: st: fix probed platform device ref count on probe error path |
| CVE-2024-46675 | 2024-09-13 | usb: dwc3: core: Prevent USB core invalid event buffer address access |
| CVE-2024-46676 | 2024-09-13 | nfc: pn533: Add poll mod list filling check |
| CVE-2024-46677 | 2024-09-13 | gtp: fix a potential NULL pointer dereference |
| CVE-2024-46678 | 2024-09-13 | bonding: change ipsec_lock from spin lock to mutex |
| CVE-2024-46679 | 2024-09-13 | ethtool: check device is present when getting link settings |
| CVE-2024-46680 | 2024-09-13 | Bluetooth: btnxpuart: Fix random crash seen while removing driver |
| CVE-2024-46681 | 2024-09-13 | pktgen: use cpus_read_lock() in pg_net_init() |
| CVE-2024-46682 | 2024-09-13 | nfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open |
| CVE-2024-46683 | 2024-09-13 | drm/xe: prevent UAF around preempt fence |
| CVE-2024-46684 | 2024-09-13 | binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined |
| CVE-2024-46685 | 2024-09-13 | pinctrl: single: fix potential NULL dereference in pcs_get_function() |
| CVE-2024-46686 | 2024-09-13 | smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() |
| CVE-2024-46687 | 2024-09-13 | btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() |