Lista CVE 2024/29xxx

CVE nel gruppo: 29xxx

CVE-2024-29024 (N/A)

CVE-2024-29025 (JumpServer Direct Object Reference (IDOR) Vulnerability in File Manager Bulk Transfer Functionality)

CVE-2024-29026 (Netty HttpPostRequestDecoder can OOM)

CVE-2024-29027 (Owncast cross origin request)

CVE-2024-29028 (Parse Server crash and RCE via invalid Cloud Function or Cloud Job name)

CVE-2024-29029 (memos vulnerable to an SSRF in /o/get/httpmeta)

CVE-2024-29030 (memos vulnerable to an SSRF in /o/get/image)

CVE-2024-29031 (memos vulnerable to an SSRF in /api/resource)

CVE-2024-29032 (Meshery SQL Injection vulnerability)

CVE-2024-29033 (`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code)

CVE-2024-29034 (GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace)

CVE-2024-29035 (CarrierWave’s Content-Type allowlist bypass vulnerability which possibly leads to XSS remained)

CVE-2024-29036 (Umbraco’s Blind SSRF Leads to Port Scan by using Webhooks)

CVE-2024-29037 (Saleor Storefront session leak in cache)

CVE-2024-29038 (Default secret use for initial deployment)

CVE-2024-29039 (tpm2 does not detect if quote was not generated by TPM)

CVE-2024-29040 (Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state)

CVE-2024-29041 (Fapi Verify Quote: Does not detect if quote was not generated by TPM)

CVE-2024-29042 (Express.js Open Redirect in malformed URLs)

CVE-2024-29043 (Translate Cache Poisoning Vulnerability)

CVE-2024-29044 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29045 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29046 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29047 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29048 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29049 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability)

CVE-2024-29050 (Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability)

CVE-2024-29052 (Windows Cryptographic Services Remote Code Execution Vulnerability)

CVE-2024-29053 (Windows Storage Elevation of Privilege Vulnerability)

CVE-2024-29054 (Microsoft Defender for IoT Remote Code Execution Vulnerability)

CVE-2024-29055 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)

CVE-2024-29056 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)

CVE-2024-29057 (Windows Authentication Elevation of Privilege Vulnerability)

CVE-2024-29059 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)

CVE-2024-29060 (.NET Framework Information Disclosure Vulnerability)

CVE-2024-29061 (Visual Studio Elevation of Privilege Vulnerability)

CVE-2024-29062 (Secure Boot Security Feature Bypass Vulnerability)

CVE-2024-29063 (Secure Boot Security Feature Bypass Vulnerability)

CVE-2024-29064 (Azure AI Search Information Disclosure Vulnerability)

CVE-2024-29066 (Windows Hyper-V Denial of Service Vulnerability)