CVE List 2024/11xxx

CVEs in group: 11xxx

CVE-2024-11022 (N/A)

CVE-2024-11023 (SICK InspectorP61x and SICK InspectorP62x are vulnerable for a replay attack)

CVE-2024-11024 (Session Hijacking in Firebase JavaScript SDK)

CVE-2024-11025 (AppPresser – Mobile App Framework <= 4.4.6 - Unauthenticated Privilege Escalation via Password Reset)

CVE-2024-11026 (SMA: SQL injection in Sunny Central UP)

CVE-2024-11028 (Intelligent Apps Freenow App Keystore SSL.java hard-coded password)

CVE-2024-11029 (MultiManager WP – Manage All Your WordPress Sites Easily <= 1.0.5 - Authentication Bypass via User Impersonation)

CVE-2024-11030 (Freeipa: administrative user data leaked through systemd journal)

CVE-2024-11031 (SSRF in binary-husky/gpt_academic)

CVE-2024-11032 (SSRF in binary-husky/gpt_academic)

CVE-2024-11033 (Parsi Date <= 5.1.1 - Reflected Cross-Site Scripting via add_query_arg Parameter)

CVE-2024-11034 (Denial of Service (DoS) in binary-husky/gpt_academic)

CVE-2024-11035 (Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form)

CVE-2024-11036 (Carbon Black Cloud Windows Sensor Information Leak)

CVE-2024-11037 (GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress <= 7.1.5 - Unauthenticated Arbitrary Shortcode Execution via gamipress_get_user_earnings)

CVE-2024-11038 (Path Traversal in binary-husky/gpt_academic)

CVE-2024-11039 (WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup <= 1.7.5 - Unauthenticated Arbitrary Shortcode Execution via wpb_pcf_fire_contact_form)

CVE-2024-11040 (Deserialization of Untrusted Data in binary-husky/gpt_academic)

CVE-2024-11041 (Denial of Service in vllm-project/vllm)

CVE-2024-11042 (Remote Code Execution in vllm-project/vllm)

CVE-2024-11043 (Arbitrary File Delete in invoke-ai/invokeai)

CVE-2024-11044 (Denial of Service (DoS) via Large Payload in Board Name Field in invoke-ai/invokeai)

CVE-2024-11045 (Open Redirect in automatic1111/stable-diffusion-webui)

CVE-2024-11046 (Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui)

CVE-2024-11047 (D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp os command injection)

CVE-2024-11048 (D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow)

CVE-2024-11049 (D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow)

CVE-2024-11050 (ZKTeco ZKBio Time Image File photo direct request)

CVE-2024-11051 (AMTT Hotel Broadband Operation System language.php cross site scripting)

CVE-2024-11052 (AMTT Hotel Broadband Operation System online_status.php sql injection)

CVE-2024-11053 (Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations)

CVE-2024-11054 (netrc and redirect credential leak)

CVE-2024-11055 (SourceCodester Simple Music Cloud Community System ajax.php unrestricted upload)

CVE-2024-11056 (1000 Projects Beauty Parlour Management System admin-profile.php sql injection)

CVE-2024-11057 (Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow)

CVE-2024-11058 (Codezips Hospital Appointment System removeBranchResult.php sql injection)

CVE-2024-11059 (CodeAstro Real Estate Management System About Us Page aboutedit.php sql injection)

CVE-2024-11060 (Project Worlds Free Download Online Shopping System success.php sql injection)

CVE-2024-11061 (Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection)

CVE-2024-11062 (Tenda AC10 fast_setting_wifi_set FUN_0044db3c stack-based overflow)