Lista CVE 2024/36xxx

CVE nel gruppo: 36xxx

CVE-2024-36041 (N/A)

CVE-2024-36042 (N/A)

CVE-2024-36043 (N/A)

CVE-2024-36046 (N/A)

CVE-2024-36047 (N/A)

CVE-2024-36048 (N/A)

CVE-2024-36049 (N/A)

CVE-2024-36050 (N/A)

CVE-2024-36051 (N/A)

CVE-2024-36052 (N/A)

CVE-2024-36053 (N/A)

CVE-2024-36054 (N/A)

CVE-2024-36055 (N/A)

CVE-2024-36056 (N/A)

CVE-2024-36059 (N/A)

CVE-2024-36060 (N/A)

CVE-2024-36061 (N/A)

CVE-2024-36062 (N/A)

CVE-2024-36063 (N/A)

CVE-2024-36064 (N/A)

CVE-2024-36066 (N/A)

CVE-2024-36068 (N/A)

CVE-2024-36070 (N/A)

CVE-2024-36071 (N/A)

CVE-2024-36072 (N/A)

CVE-2024-36073 (N/A)

CVE-2024-36074 (N/A)

CVE-2024-36075 (N/A)

CVE-2024-36076 (N/A)

CVE-2024-36077 (N/A)

CVE-2024-36078 (N/A)

CVE-2024-36079 (N/A)

CVE-2024-36080 (N/A)

CVE-2024-36081 (N/A)

CVE-2024-36082 (N/A)

CVE-2024-36103 (N/A)

CVE-2024-36104 (N/A)

CVE-2024-36105 (Apache OFBiz: Path traversal leading to a RCE)

CVE-2024-36106 (dbt allows Binding to an Unrestricted IP Address via socketsocket)

CVE-2024-36107 (Argo CD allows authenticated users to enumerate clusters by name)

CVE-2024-36108 (Information disclosure in minio)

CVE-2024-36109 (Multiple Broken Function-Level Authorization vulnerabilities in casgate)

CVE-2024-36110 (Cross-site Scripting with Markdown rendering in CoCalc)

CVE-2024-36111 (Cross-site scripting in ansibleguy-webui)

CVE-2024-36112 (KubePi’s JWT token validation has a defect)

CVE-2024-36113 (Nautobot dynamic-group-members doesn’t enforce permission restrictions on member objects)

CVE-2024-36114 (Discourse missing authorization checks for suspending admins/moderators)

CVE-2024-36115 (Decompressors can crash the JVM and leak memory content in Aircompressor)

CVE-2024-36116 (Stored Cross site scripting in Reposilite artifacts)

CVE-2024-36117 (Path traversal in Reposilite javadoc file expansion)

CVE-2024-36118 (Path traversal while serving Reposilite javadoc expanded files)

CVE-2024-36119 (Unauthorized viewing of workspace test cases in MeterSphere)

CVE-2024-36120 (Password confirmation stored in plain text via registration form in statamic/cms)

CVE-2024-36121 (javascript-deobfuscator crafted payload can lead to code execution)

CVE-2024-36122 ( netty-incubator-codec-ohttp’s BoringSSLAEADContext Repeats Nonces)

CVE-2024-36123 (Discourse doesn’t limit reviewable user serializer payload)

CVE-2024-36124 (Citizen has a Stored Cross-Site Scripting Vulnerability by editing MediaWiki:Tagline)

CVE-2024-36127 (iq80 Snappy has an out-of-bounds read when uncompressing data, leading to JVM crash)

CVE-2024-36128 (apko Exposure of HTTP basic auth credentials in log output)

CVE-2024-36129 (Directus is soft-locked by providing a string value to random string util)