Lista CVE 2024/37xxx
CVE nel gruppo: 37xxx
CVE-2024-37068 (Clicca per dettagli)
CVE-2024-37070 (IBM Maximo Application Suite information disclosure)
CVE-2024-37071 (IBM Concert Software information disclosure)
CVE-2024-37077 (IBM Db2 denial of service)
CVE-2024-37078 (Arkcompiler Ets Runtime has an out-of-bounds write vulnerability)
CVE-2024-37079 (nilfs2: fix potential kernel bug due to lack of writeback flag waiting)
CVE-2024-37080 (Clicca per dettagli)
CVE-2024-37081 (Clicca per dettagli)
CVE-2024-37082 (Clicca per dettagli)
CVE-2024-37084 (Clicca per dettagli)
CVE-2024-37085 (CVE-2024-37084: Remote code execution in Spring Cloud Data Flow)
CVE-2024-37086 (Clicca per dettagli)
CVE-2024-37087 (Clicca per dettagli)
CVE-2024-37089 (Clicca per dettagli)
CVE-2024-37090 (WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Unauthenticated Local File Inclusion vulnerability)
CVE-2024-37091 (SQL Injection vulnerability in multiple StylemixThemes premium themes)
CVE-2024-37092 (WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Remote Code Execution (RCE) vulnerability)
CVE-2024-37093 (WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Local File Inclusion vulnerability)
CVE-2024-37094 (WordPress MasterStudy LMS WordPress Plugin plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2024-37095 (WordPress MasterStudy LMS plugin <= 3.2.12 - Broken Access Control vulnerability)
CVE-2024-37096 (WordPress Envira Photo Gallery plugin <= 1.8.7.3 - CSRF leading to notice dismissal vulnerability)
CVE-2024-37097 (WordPress Popup box plugin <= 4.5.1 - Broken Access Control vulnerability)
CVE-2024-37098 (WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2024-37099 (WordPress BlossomThemes Email Newsletter plugin <= 2.2.6 - Server Side Request Forgery (SSRF) vulnerability)
CVE-2024-37100 (WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability)
CVE-2024-37101 (WordPress Elegant Themes Icons plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37102 (WordPress WP Post Author plugin <= 3.6.7 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37103 (WordPress Vilva theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2024-37104 (WordPress Education Zone theme <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2024-37106 (WordPress Chic Lite theme <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability)
CVE-2024-37107 (WordPress WishList Member X plugin < 3.26.7 - Unautenticated Plugin Settings Change Leading to Stored XSS vulnerability)
CVE-2024-37108 (WordPress WishList Member X plugin < 3.26.7 - Authenticated Privilege Escalation vulnerability)
CVE-2024-37109 (WordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary File Deletion vulnerability)
CVE-2024-37110 (WordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary PHP Code Execution vulnerability)
CVE-2024-37111 (WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Settings & Users Data Dump vulnerability)
CVE-2024-37112 (WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Denial of Service Attack vulnerability)
CVE-2024-37113 (WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Arbitrary SQL Query Execution vulnerability)
CVE-2024-37114 (WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Database Backup Download vulnerability)
CVE-2024-37115 (WordPress My Favorites plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37116 (WordPress Newspack Blocks plugin <= 3.0.8 - Sensitive Data Exposure vulnerability)
CVE-2024-37117 (WordPress Sinatra theme <= 1.3 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37118 (WordPress Uncanny Automator Pro plugin <= 5.3 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2024-37119 (WordPress Uncanny Automator Pro plugin <= 5.3 - Cross Site Request Forgery (CSRF) Leading to License Settings Reset vulnerability)
CVE-2024-37120 (WordPress Uncanny Automator Pro plugin < 5.3.0.1 - Unauthenticated License Settings Reset vulnerability)
CVE-2024-37121 (WordPress Tabs plugin <= 4.0.6 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37122 (WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37123 (WordPress Accordions plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability)
CVE-2024-37124 (WordPress Ibtana – WordPress Website Builder plugin <= 1.2.3.3 - Broken Access Control vulnerability)
CVE-2024-37125 (Clicca per dettagli)
CVE-2024-37126 (Clicca per dettagli)
CVE-2024-37127 (Clicca per dettagli)
CVE-2024-37129 (Clicca per dettagli)
CVE-2024-37130 (Clicca per dettagli)
CVE-2024-37131 (Clicca per dettagli)
CVE-2024-37132 (Clicca per dettagli)
CVE-2024-37133 (Clicca per dettagli)
CVE-2024-37134 (Clicca per dettagli)
CVE-2024-37135 (Clicca per dettagli)
CVE-2024-37136 (Clicca per dettagli)
CVE-2024-37137 (Clicca per dettagli)
CVE-2024-37138 (Clicca per dettagli)
CVE-2024-37139 (Clicca per dettagli)
CVE-2024-37140 (Clicca per dettagli)
CVE-2024-37141 (Clicca per dettagli)
CVE-2024-37142 (Clicca per dettagli)
CVE-2024-37143 (Clicca per dettagli)
CVE-2024-37144 (Clicca per dettagli)
CVE-2024-37145 (Clicca per dettagli)
CVE-2024-37146 (GHSL-2023-247: Flowise xss in /api/v1/chatflows-streaming/id)
CVE-2024-37147 (GHSL-2023-248: Flowise xss in /api/v1/credentials/id)
CVE-2024-37148 (GLPI allows Authenticated File Upload to Restricted Tickets)
CVE-2024-37149 (GLPI allows account takeover via SQL Injection in AJAX scripts)
CVE-2024-37150 (GLPI allows remote code execution through the plugin loader)
CVE-2024-37151 (Private npm registry support used scope auth token for downloading tarballs)
CVE-2024-37152 (Suricata defrag: IP ID reuse can lead to policy bypass)
CVE-2024-37153 (Unauthenticated Access to sensitive settings in Argo CD)
CVE-2024-37154 (Evmos’s contract balance not updating correctly after interchain transaction)
CVE-2024-37155 (Evmos allows unvested token delegations)
CVE-2024-37156 (OpenCTI May Bypass Introspection Restriction)
CVE-2024-37157 (TokenController formName not sanitized in hidden input)