CVE list 2024/34xxx

CVEs in group: 34xxx

CVE-2024-34046 (N/A)

CVE-2024-34047 (N/A)

CVE-2024-34048 (N/A)

CVE-2024-34049 (N/A)

CVE-2024-34050 (N/A)

CVE-2024-34051 (N/A)

CVE-2024-34055 (N/A)

CVE-2024-34057 (N/A)

CVE-2024-34058 (N/A)

CVE-2024-34060 (N/A)

CVE-2024-34061 (Arbitrary File Write in IRIS EVTX Pipeline)

CVE-2024-34062 (Reflected cross site scripting in changedetection.io)

CVE-2024-34063 (tqdm CLI arguments injection attack)

CVE-2024-34064 (Degraded secret zeroization capabilities in vodozemac)

CVE-2024-34065 (Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter)

CVE-2024-34066 (@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass)

CVE-2024-34067 (Arbitrary File Write/Read in Pterodactyl wings)

CVE-2024-34068 (Multiple cross site scripting (XSS) vulnerabilities in the admin area of Pterodactyl panel)

CVE-2024-34069 (Server-side Request Forgery during remote file pull in Pterodactyl wings)

CVE-2024-34070 (Werkzeug’s improper usage of a pathname and improper CSRF protection results in the remote command execution)

CVE-2024-34071 (Froxlor Vulnerable to Blind XSS Leading to Froxlor Application Compromise)

CVE-2024-34072 (Open Redirect Bypass Protection)

CVE-2024-34073 (Deserialization of Untrusted Data in sagemaker-python-sdk)

CVE-2024-34074 (Command Injection in sagemaker-python-sdk)

CVE-2024-34075 (Frappe vulnerable to an open redirect on login page)

CVE-2024-34077 (kurwov vulnerable to Denial of Service due to improper data sanitization)

CVE-2024-34078 (MantisBT user account takeover in the signup/reset password process)

CVE-2024-34079 (html-sanitizer allows arbitrary HTML present after sanitization because of unicode normalization)

CVE-2024-34080 (octo-sts allows unauthenticated attackers to cause unbounded CPU and memory usage)

CVE-2024-34081 (MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor)

CVE-2024-34082 (MantisBT Cross-site Scripting vulnerability)

CVE-2024-34083 (Grav Arbitrary File Read to Account Takeover)

CVE-2024-34084 (STARTTLS unencrypted commands injection)

CVE-2024-34085 (Minder’s Github Webhook Handler vulnerable to denial of service from un-validated requests)

CVE-2024-34086 (N/A)

CVE-2024-34087 (N/A)

CVE-2024-34088 (N/A)

CVE-2024-34089 (N/A)

CVE-2024-34090 (N/A)

CVE-2024-34091 (N/A)

CVE-2024-34092 (N/A)

CVE-2024-34093 (N/A)

CVE-2024-34094 (N/A)

CVE-2024-34095 (ZDI-CAN-23474: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34096 (ZDI-CAN-23475: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34097 (ZDI-CAN-23472: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34098 (ZDI-CAN-23473: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34099 (ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2)

CVE-2024-34100 (ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2)

CVE-2024-34101 (Use-After-Free vulnerability in the latest Adobe Acrobat Reader DC when opening a malicious PDF file)

CVE-2024-34102 (ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2024-34103 (XXE can expose crypt key and other secrets granting full admin access)

CVE-2024-34104 (Customer account takeover via web API call & subsequent password reset)

CVE-2024-34105 (Adobe Commerce | Improper Authorization (CWE-285))

CVE-2024-34106 (Stored Cross Site Scripting in Order Comment)

CVE-2024-34107 (Insecure Direct Object Reference – An attacker is able to erase the victim's quote details)

CVE-2024-34108 (Adobe Commerce | Improper Access Control (CWE-284))

CVE-2024-34109 (Large attack surface through legit webhook usage in Adobe Commerce)

CVE-2024-34110 (Adobe Commerce | Improper Input Validation (CWE-20))

CVE-2024-34111 (RCE in the Adobe Commerce Webhook module through a legit webhook definition)