CVE List 2024/34xxx

CVEs in group: 34xxx

CVE-2024-34071 (Click for details)

CVE-2024-34072 (Open Redirect Bypass Protection)

CVE-2024-34073 (Deserialization of Untrusted Data in sagemaker-python-sdk)

CVE-2024-34074 (Command Injection in sagemaker-python-sdk)

CVE-2024-34075 (Frappe vulnerable to an open redirect on login page)

CVE-2024-34077 (kurwov vulnerable to Denial of Service due to improper data sanitization)

CVE-2024-34078 (MantisBT user account takeover in the signup/reset password process)

CVE-2024-34079 (html-sanitizer allows arbitrary HTML present after sanitization because of unicode normalization)

CVE-2024-34080 (octo-sts allows unauthenticated attackers to cause unbounded CPU and memory usage)

CVE-2024-34081 (MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor)

CVE-2024-34082 (MantisBT Cross-site Scripting vulnerability)

CVE-2024-34083 (Grav Arbitrary File Read to Account Takeover)

CVE-2024-34084 (STARTTLS unencrypted commands injection)

CVE-2024-34085 (Minder’s Github Webhook Handler vulnerable to denial of service from un-validated requests)

CVE-2024-34086 (Click for details)

CVE-2024-34087 (Click for details)

CVE-2024-34088 (Click for details)

CVE-2024-34089 (Click for details)

CVE-2024-34090 (Click for details)

CVE-2024-34091 (Click for details)

CVE-2024-34092 (Click for details)

CVE-2024-34093 (Click for details)

CVE-2024-34094 (Click for details)

CVE-2024-34095 (ZDI-CAN-23474: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34096 (ZDI-CAN-23475: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34097 (ZDI-CAN-23472: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34098 (ZDI-CAN-23473: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability)

CVE-2024-34099 (ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 1 of 2)

CVE-2024-34100 (ZDI-CAN-XXXX: [Pwn2Own] Acrobat sandbox bypass part 2 of 2)

CVE-2024-34101 (Use-After-Free vulnerability in the latest Adobe Acrobat Reader DC when open malicious PDF file)

CVE-2024-34102 (ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2024-34103 (XXE can expose crypt key and other secrets granting full admin access)

CVE-2024-34104 (Customer account takeover via web API call & subsequent password reset)

CVE-2024-34105 (Adobe Commerce | Improper Authorization (CWE-285))

CVE-2024-34106 (Stored Cross Site Scripting in Order Comment)

CVE-2024-34107 (Insecure Direct Object Reference – An attacker can able to erase the victim quote details)

CVE-2024-34108 (Adobe Commerce | Improper Access Control (CWE-284))

CVE-2024-34109 (Large attack surface through legit webhook usage in Adobe Commerce)

CVE-2024-34110 (Adobe Commerce | Improper Input Validation (CWE-20))

CVE-2024-34111 (RCE in the Adobe Commerce Webhook module through a legit webhook definition)

CVE-2024-34112 (SSRF in service connector)

CVE-2024-34113 (ColdFusion CFDOCUMENT file retrieval / access control bypass)

CVE-2024-34115 (ColdFusion | Weak Cryptography for Passwords (CWE-261))

CVE-2024-34116 (ZDI-CAN-24054: Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2024-34117 (Adobe Creative Cloud App Install Arbitrary Folder Delete Vulnerability can be abuse to Privilege Escalation)

CVE-2024-34118 (Adobe Photoshop 2024 MPO File Parsing Use-After-Free vulnerability)

CVE-2024-34119 (Adobe illustrator 2024 TIF File parsing Division by zero denial of service)

CVE-2024-34120 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2024-34121 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2024-34122 (Illustrator | Integer Overflow or Wraparound (CWE-190))

CVE-2024-34123 (T5 Acrobat Vulnerability – Exploitable crash in DecodeTile)

CVE-2024-34124 (Adobe Premiere Pro arbitrary DLL loading lead to remote code execution)

CVE-2024-34125 (ZDI-CAN-24031: Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability)

CVE-2024-34126 (ZDI-CAN-24027: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2024-34127 (ZDI-CAN-24028: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability)

CVE-2024-34128 (Adobe Indesign TIF File Parsing Out Of Bound Read)

CVE-2024-34129 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2024-34130 (Acrobat Android : OverSecured Finding : Overwriting arbitrary files via attacker-controlled output file paths)

CVE-2024-34133 (Acrobat Android : OverSecured Finding : Access to arbitrary* content providers via insecure Intent configuration)

CVE-2024-34134 (Adobe Illustrator CC 2023 v27.9 Vulnerability I)

CVE-2024-34135 (Illustrator | Out-of-bounds Read (CWE-125))

CVE-2024-34136 (Adobe Illustrator CC 2023 v27.9 Vulnerability II)

CVE-2024-34137 (Adobe Illustrator PSD File Parsing Null Pointer dereference)

CVE-2024-34138 (Adobe Illustrator 2024 CGM File Parsing Null Pointer Dereference)

CVE-2024-34139 (Adobe Illustrator CGM File Parsing Division By zero)

CVE-2024-34140 (Adobe Bridge has an integer overflow vulnerability when parsing SVG file)

CVE-2024-34141 (Adobe Bridge PDF File Parsing Memory Corruption)

CVE-2024-34142 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2024-34144 (Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79))

CVE-2024-34145 (Click for details)

CVE-2024-34146 (Click for details)

CVE-2024-34147 (Click for details)

CVE-2024-34148 (Click for details)

CVE-2024-34149 (Click for details)

CVE-2024-34152 (Click for details)

CVE-2024-34153 (Playbook Run Metadata leak to Guest)

CVE-2024-34155 (Click for details)

CVE-2024-34156 (Stack exhaustion in all Parse functions in go/parser)

CVE-2024-34158 (Stack exhaustion in Decoder.Decode in encoding/gob)

CVE-2024-34161 (Stack exhaustion in Parse in go/build/constraint)