Lista CVE 2024/4xxx
CVE nel gruppo: 4xxx
CVE-2024-4046 (N/A)
CVE-2024-4056 (N/A)
CVE-2024-4057 (Denial of service condition in M-Files Server)
CVE-2024-4058 (Gutenberg Blocks by Kadence Blocks < 3.2.37 - Contributor+ Stored XSS)
CVE-2024-4059 (N/A)
CVE-2024-4060 (N/A)
CVE-2024-4061 (N/A)
CVE-2024-4062 (Survey Maker < 4.2.9 - Admin+ Stored XSS via Plugin Settings)
CVE-2024-4063 (Hualai Xiaofang iSC5 certificate validation)
CVE-2024-4064 (EZVIZ CS-C6-21WFR-8 Davinci Application certificate validation)
CVE-2024-4065 (Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow)
CVE-2024-4066 (Tenda AC8 SetRebootTimer formSetRebootTimer stack-based overflow)
CVE-2024-4067 (Tenda AC8 AdvSetMacMtuWan fromAdvSetMacMtuWan stack-based overflow)
CVE-2024-4068 (Regular Expression Denial of Service in micromatch)
CVE-2024-4069 (Memory Exhaustion in braces)
CVE-2024-4070 (Kashipara Online Furniture Shopping Ecommerce Website search.php sql injection)
CVE-2024-4071 (Kashipara Online Furniture Shopping Ecommerce Website prodList.php sql injection)
CVE-2024-4072 (Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php sql injection)
CVE-2024-4073 (Kashipara Online Furniture Shopping Ecommerce Website search.php cross site scripting)
CVE-2024-4074 (Kashipara Online Furniture Shopping Ecommerce Website prodList.php cross site scripting)
CVE-2024-4075 (Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php cross site scripting)
CVE-2024-4076 (Kashipara Online Furniture Shopping Ecommerce Website login.php cross site scripting)
CVE-2024-4077 (Assertion failure when serving both stale cache data and authoritative zone content)
CVE-2024-4078 (WordPress UDesign theme <= 4.7.3 - Reflected Cross Site Scripting (XSS) vulnerability)
CVE-2024-4079 (Arbitrary Code Execution in parisneo/lollms)
CVE-2024-4080 (Out of Bounds Read Due to Missing Bounds Check in LabVIEW)
CVE-2024-4081 (Memory Corruption Due to Improper Length Checks in LabVIEW tdcore.dll)
CVE-2024-4082 (Memory Corruption Due to Improper Length Check in NI LabVIEW)
CVE-2024-4083 (Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery)
CVE-2024-4084 (N/A)
CVE-2024-4085 (SSRF vulnerability in mintplex-labs/anything-llm)
CVE-2024-4086 (N/A)
CVE-2024-4087 (N/A)
CVE-2024-4088 (Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget)
CVE-2024-4089 (Gutenberg Blocks and Page Layouts – Attire Blocks <= 1.9.2 - Missing Authorization)
CVE-2024-4090 (N/A)
CVE-2024-4092 (My Sticky Bar < 2.7.2 - Admin+ Stored XSS)
CVE-2024-4093 (N/A)
CVE-2024-4094 (SourceCodester Simple Subscription Website view_application.php sql injection)
CVE-2024-4095 (Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS)
CVE-2024-4096 (Collapse-O-Matic <= 1.8.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode)
CVE-2024-4097 (Responsive Tabs <= 4.0.8 - Contributor+ Stored XSS)
CVE-2024-4098 (N/A)
CVE-2024-4099 (Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion)
CVE-2024-4100 (Improper Encoding or Escaping of Output in GitLab)
CVE-2024-4101 (Pricing Table <= 2.0.1 - Cross-Site Request Forgery via ajax())
CVE-2024-4102 (N/A)
CVE-2024-4103 (Pricing Table <= 2.0.1 - Missing Authorization)
CVE-2024-4104 (ADFO – Custom data in admin dashboard <= 1.9.0 - Cross-Site Request Forgery)
CVE-2024-4105 (ADFO – Custom data in admin dashboard <= 1.9.0 - Reflected Cross-Site Scripting)
CVE-2024-4106 (N/A)
CVE-2024-4107 (N/A)
CVE-2024-4108 (Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting)
CVE-2024-4109 (N/A)
CVE-2024-4111 (N/A)
CVE-2024-4112 (Tenda TX9 SetLEDCfg sub_42BD7C stack-based overflow)
CVE-2024-4113 (Tenda TX9 SetVirtualServerCfg sub_42CB94 stack-based overflow)
CVE-2024-4114 (Tenda TX9 SetSysTimeCfg sub_42D4DC stack-based overflow)
CVE-2024-4115 (Tenda TX9 PowerSaveSet sub_42C014 stack-based overflow)
CVE-2024-4116 (Tenda W15E AddDnsForward formAddDnsForward stack-based overflow)