CVE list 2024/47xxx

CVEs in group: 47xxx

CVE-2024-47070 (Click for details)

CVE-2024-47071 (authentik vulnerable to password authentication bypass via X-Forwarded-For HTTP header)

CVE-2024-47072 (OSS Endpoint Manager allows unauthorized access to read system files)

CVE-2024-47073 (XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream)

CVE-2024-47074 (Dataease arbitrary interface access vulnerability)

CVE-2024-47075 (Dataease PostgreSQL Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability)

CVE-2024-47076 (DOM Clobbering gadgets found in layui that lead to Cross-site Scripting)

CVE-2024-47077 (libcupsfilters’s cfGetPrinterAttributes5 does not validate IPP attributes returned from an IPP server)

CVE-2024-47078 (authentik cross-provider token validation problems)

CVE-2024-47079 (Meshtastic firmware Authentication/Authorization Bypass via MQTT)

CVE-2024-47080 (Unauthorized usage of remote hardware module because of missing channel verification)

CVE-2024-47082 (matrix-js-sdk keys sent via `sendSharedHistoryKeys` vulnerable to interception by malicious homeserver)

CVE-2024-47083 (Strawberry GraphQL Cross-Site Request Forgery (CSRF) vulnerability)

CVE-2024-47084 (Power Platform Terraform Provider has Improper Masking of Secrets in Logs)

CVE-2024-47085 (CORS origin validation is not performed when the request has a cookie in Gradio)

CVE-2024-47086 (Parameter Manipulation Vulnerability)

CVE-2024-47087 (OTP Bypass Vulnerability)

CVE-2024-47088 (Information Disclosure Vulnerability)

CVE-2024-47089 (User Enumeration vulnerability)

CVE-2024-47092 (Unauthorized Transaction Manipulation Vulnerability)

CVE-2024-47093 (Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api)

CVE-2024-47094 (Fix various XSS issues and potential RCE)

CVE-2024-47095 (Logging of sitesecret to automations log)

CVE-2024-47100 (Reflected Cross-Site Scripting in Follet School Solutions Destiny)

CVE-2024-47102 (Click for details)

CVE-2024-47103 (IBM AIX denial of service)

CVE-2024-47104 (IBM Sterling B2B Integrator cross-site scripting)

CVE-2024-47106 (IBM i incorrect privilege assignment)

CVE-2024-47107 (IBM Jazz for Service Management information disclosure)

CVE-2024-47109 (IBM QRadar SIEM cross-site scripting)

CVE-2024-47113 (IBM Sterling File Gateway information disclosure)

CVE-2024-47115 (IBM ICP – Voice Gateway XML injection)

CVE-2024-47116 (IBM AIX command execution)

CVE-2024-47117 (IBM Sterling B2B Integrator cross-site scripting)

CVE-2024-47119 (IBM Carbon Design System cross-site scripting)

CVE-2024-47121 (IBM Storage Defender – Resiliency Service improper certificate validation)

CVE-2024-47122 (Weak Passwords Requirements in goTenna Pro)

CVE-2024-47123 (Insecure Storage of Sensitive Information in goTenna Pro)

CVE-2024-47124 (Missing Support for Integrity Check in goTenna Pro)

CVE-2024-47125 (Cleartext Transmission of Sensitive Information in goTenna Pro)

CVE-2024-47126 (Improper Restriction of Communication Channel to Intended Endpoints in goTenna Pro)

CVE-2024-47127 (Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in goTenna Pro)

CVE-2024-47128 (Weak Authentication in goTenna Pro)

CVE-2024-47129 (Insertion of Sensitive Information Into Sent Data in goTenna Pro)

CVE-2024-47130 (Observable Response Discrepancy in goTenna Pro)

CVE-2024-47131 (Missing Authentication for Critical Function in goTenna Pro)

CVE-2024-47133 (Delta Electronics DIAScreen Stack-based Buffer Overflow)

CVE-2024-47134 (Click for details)

CVE-2024-47135 (Click for details)

CVE-2024-47136 (Click for details)

CVE-2024-47137 (Click for details)

CVE-2024-47138 (Liteos_a has an out-of-bounds Write vulnerability)

CVE-2024-47139 (mySCADA myPRO Missing Authentication for Critical Function)

CVE-2024-47140 (F5 BIG-IQ Vulnerability)

CVE-2024-47141 (Click for details)

CVE-2024-47142 (pinmux: Use sequential access to access desc->pinmux data)

CVE-2024-47143 (Click for details)

CVE-2024-47145 (dma-debug: fix a possible deadlock on radix_lock)

CVE-2024-47146 (Unauthorized access on archived channels via file links)

CVE-2024-47148 (Ruijie Reyee OS Resource Leak)

CVE-2024-47149 (Click for details)

CVE-2024-47150 (Click for details)

CVE-2024-47151 (Click for details)

CVE-2024-47153 (Click for details)

CVE-2024-47154 (Click for details)

CVE-2024-47155 (Click for details)

CVE-2024-47156 (Click for details)

CVE-2024-47157 (Information Leak Vulnerability in Honor Product)

CVE-2024-47158 (Click for details)

CVE-2024-47159 (Click for details)

CVE-2024-47160 (Click for details)

CVE-2024-47161 (Click for details)

CVE-2024-47162 (Click for details)

CVE-2024-47164 (Click for details)

CVE-2024-47165 (The `is_in_or_equal` function may be bypassed in Gradio)

CVE-2024-47166 (CORS origin validation accepts the null origin in Gradio)

CVE-2024-47167 (One-level read path traversal in `/custom_component` in Gradio)

CVE-2024-47168 (SSRF in the path parameter of /queue/join in Gradio)

CVE-2024-47169 (The `enable_monitoring` flag set to `False` does not disable monitoring in Gradio)

CVE-2024-47170 (Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal)