Lista CVE 2024/56xxx

CVE nel gruppo: 56xxx

CVE-2024-56041 (Clicca per dettagli)

CVE-2024-56042 (WordPress VibeBP plugin < 1.9.9.5.1 - SQL Injection vulnerability)

CVE-2024-56043 (WordPress WPLMS plugin < 1.9.9.5.3 - Unauthenticated SQL Injection vulnerability)

CVE-2024-56044 (WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Privilege Escalation vulnerability)

CVE-2024-56045 (WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Arbitrary User Token Generation vulnerability)

CVE-2024-56046 (WordPress WPLMS plugin < 1.9.9.5 - Unauthenticated Arbitrary Directory Deletion vulnerability)

CVE-2024-56047 (WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Arbitrary File Upload vulnerability)

CVE-2024-56048 (WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ SQL Injection vulnerability)

CVE-2024-56049 (WordPress WPLMS plugin <= 1.9.9 - Arbitrary Option Update to Privilege Escalation vulnerability)

CVE-2024-56050 (WordPress WPLMS plugin < 1.9.9.5.2 - Subscriber+ Arbitrary File Deletion vulnerability)

CVE-2024-56051 (WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ Arbitrary File Upload vulnerability)

CVE-2024-56052 (WordPress WPLMS plugin < 1.9.9.5 - Student+ Remote Code Execution (RCE) vulnerability)

CVE-2024-56053 (WordPress WPLMS plugin < 1.9.9.5.2 - Student+ Arbitrary File Upload vulnerability)

CVE-2024-56054 (WordPress WPLMS plugin < 1.9.9.5.3 - Instructor+ SQL Injection vulnerability)

CVE-2024-56055 (WordPress WPLMS plugin < 1.9.9.5.2 - Instructor+ Arbitrary File Upload vulnerability)

CVE-2024-56056 (WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary Directory Deletion vulnerability)

CVE-2024-56057 (WordPress SimpleCharm Theme <= 1.4.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56058 (WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary File Upload vulnerability)

CVE-2024-56059 (WordPress VRPConnector plugin <= 2.0.1 - PHP Object Injection vulnerability)

CVE-2024-56060 (WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability)

CVE-2024-56061 (WordPress HTML Forms plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56062 (WordPress RepairBuddy plugin <= 3.8119 - Account Takeover vulnerability)

CVE-2024-56063 (WordPress Royal Elementor Addons and Templates plugin <= 1.3.987 - Cross Site Scripting (XSS) vulnerability)

CVE-2024-56064 (WordPress Essential Addons for Elementor plugin <= 6.0.7 - Cross Site Scripting (XSS) vulnerability)

CVE-2024-56065 (WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Arbitrary File Upload vulnerability)

CVE-2024-56066 (WordPress WP2LEADS Plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56067 (WordPress Agency Toolkit plugin <= 1.0.23 - Privilege Escalation vulnerability)

CVE-2024-56068 (WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Backup File Download Vulnerability)

CVE-2024-56069 (WordPress WP SuperBackup plugin <= 2.3.3 - Subscriber+ PHP Object Injection vulnerability)

CVE-2024-56070 (WordPress WP SuperBackup plugin <= 2.3.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56071 (WordPress WP SuperBackup plugin <= 2.3.3 - Multiple Subscriber+ Broken Access Control vulnerabilities)

CVE-2024-56072 (WordPress Simple Dashboard plugin <= 2.0 - Privilege Escalation vulnerability)

CVE-2024-56073 (Clicca per dettagli)

CVE-2024-56074 (Clicca per dettagli)

CVE-2024-56082 (Clicca per dettagli)

CVE-2024-56083 (Clicca per dettagli)

CVE-2024-56084 (Clicca per dettagli)

CVE-2024-56085 (Clicca per dettagli)

CVE-2024-56086 (Clicca per dettagli)

CVE-2024-56087 (Clicca per dettagli)

CVE-2024-56112 (Clicca per dettagli)

CVE-2024-56113 (Clicca per dettagli)

CVE-2024-56114 (Clicca per dettagli)

CVE-2024-56115 (Clicca per dettagli)

CVE-2024-56116 (Clicca per dettagli)

CVE-2024-56128 (Clicca per dettagli)

CVE-2024-56131 (Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption)

CVE-2024-56132 (Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.)

CVE-2024-56133 (Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.)

CVE-2024-56134 (Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.)

CVE-2024-56135 (Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.)

CVE-2024-56136 (Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.)

CVE-2024-56137 (/api/v1/jwt/fetch_api_key endpoint can leak if an email address has an account in Zulip server)

CVE-2024-56138 (MaxKB RCE vulnerability in function library)

CVE-2024-56139 (Timestamp signature generation lacks certificate revocation check in notion-go)

CVE-2024-56140 (A stack overflow Segmentation Fault (SEGV) and Memory Leak in pdftools)

CVE-2024-56142 (Bypass of CSRF Middleware in Astro)

CVE-2024-56144 (Path Traversal in pghoard)

CVE-2024-56145 (Stored XSS-LibreNMS-Display Name 2 in librenms)

CVE-2024-56159 (RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms)