Lista CVE 2024/13xxx

CVE nel gruppo: 13xxx

CVE-2024-13021 (N/A)

CVE-2024-13022 (SourceCodester Road Accident Map Marker add-mark.php cross site scripting)

CVE-2024-13023 (taisan tarzan-cms Article Management UploadController.java UploadResponse unrestricted upload)

CVE-2024-13024 (PHPGurukul Maid Hiring Management System Search Maid Page search-maid.php cross site scripting)

CVE-2024-13025 (Codezips Blood Bank Management System campaign.php sql injection)

CVE-2024-13026 (Codezips College Management System faculty.php sql injection)

CVE-2024-13028 (Inadequate Encryption Strength Vulnerability in Roche Algo Edge)

CVE-2024-13029 (Antabot White-Jotter login observable response discrepancy)

CVE-2024-13030 (Antabot White-Jotter Edit Book book server-side request forgery)

CVE-2024-13031 (D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control)

CVE-2024-13032 (Antabot White-Jotter Article Content Editor editor cross site scripting)

CVE-2024-13033 (Antabot White-Jotter Article Editor editor server-side request forgery)

CVE-2024-13034 (code-projects Chat System chatroom.php cross site scripting)

CVE-2024-13035 (code-projects Chat System update_user.php cross site scripting)

CVE-2024-13036 (code-projects Chat System update_user.php sql injection)

CVE-2024-13037 (code-projects Chat System update_room.php sql injection)

CVE-2024-13038 (1000 Projects Attendance Tracking Management System report.php attendance_report sql injection)

CVE-2024-13039 (CodeAstro Simple Loan Management System Login index.php sql injection)

CVE-2024-13040 (code-projects Simple Chat System add_user.php sql injection)

CVE-2024-13041 (Quanta Computer QOCA aim – Authorization Bypass)

CVE-2024-13042 (Incorrect User Management in GitLab)

CVE-2024-13043 (Tsinghua Unigroup Electronic Archives Management System download.html download information disclosure)

CVE-2024-13044 (Panda Security Dome Link Following Local Privilege Escalation Vulnerability)

CVE-2024-13045 (Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2024-13046 (Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2024-13047 (Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2024-13048 (Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability)

CVE-2024-13049 (Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2024-13050 (Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability)

CVE-2024-13051 (Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2024-13052 (Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability)

CVE-2024-13054 (Dental Optimizer Patient Generator App <= 1.0 - Reflected XSS)

CVE-2024-13055 (Allocation of Resources Without Limits or Throttling in GitLab)

CVE-2024-13056 (Dyn Business Panel <= 1.0.0 - Reflected XSS)

CVE-2024-13057 (Dyn Business Panel <= 1.0.0 - Reflected XSS)

CVE-2024-13058 (Dyn Business Panel <= 1.0.0 - Stored XSS via CSRF)

CVE-2024-13059 (Authenticated, non-admin users can create storage pools via the sifi API)

CVE-2024-13060 (Path Traversal in mintplex-labs/anything-llm)

CVE-2024-13061 (Improper Authorization in mintplex-labs/anything-llm)

CVE-2024-13062 (2100 Technology Electronic Official Document Management System – Authentication Bypass)