Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 164513 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2024-28960 -- Mar 29, 2024 n/a
CVE-2024-31140 In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools -- Mar 28, 2024 n/a
CVE-2024-31139 In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector -- Mar 28, 2024 n/a
CVE-2024-31138 In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings -- Mar 28, 2024 n/a
CVE-2024-31137 In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration -- Mar 28, 2024 n/a
CVE-2024-31136 In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter -- Mar 28, 2024 n/a
CVE-2024-31135 In JetBrains TeamCity before 2024.03 open redirect was possible on the login page -- Mar 28, 2024 n/a
CVE-2024-31134 In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled -- Mar 28, 2024 n/a
CVE-2024-31065 Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. -- Mar 28, 2024 n/a
CVE-2024-31064 Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. -- Mar 28, 2024 n/a
CVE-2024-31063 Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. -- Mar 28, 2024 n/a
CVE-2024-31062 Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field. -- Mar 28, 2024 n/a
CVE-2024-31061 Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field. -- Mar 28, 2024 n/a
CVE-2024-30612 Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function. -- Mar 28, 2024 n/a
CVE-2024-30607 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30606 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the page parameter of the fromDhcpListClient function. -- Mar 28, 2024 n/a
CVE-2024-30604 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function. -- Mar 28, 2024 n/a
CVE-2024-30603 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30602 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function. -- Mar 28, 2024 n/a
CVE-2024-30601 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30600 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. -- Mar 28, 2024 n/a
CVE-2024-30599 Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. -- Mar 28, 2024 n/a
CVE-2024-30598 Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function. -- Mar 28, 2024 n/a
CVE-2024-30597 Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. -- Mar 28, 2024 n/a
CVE-2024-30596 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the formSetDeviceName function. -- Mar 28, 2024 n/a
CVE-2024-30595 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addWifiMacFilter function. -- Mar 28, 2024 n/a
CVE-2024-30594 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. -- Mar 28, 2024 n/a
CVE-2024-30593 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function. -- Mar 28, 2024 n/a
CVE-2024-30592 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddressNat function. -- Mar 28, 2024 n/a
CVE-2024-30591 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30590 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. -- Mar 28, 2024 n/a
CVE-2024-30589 Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of the fromAddressNat function. -- Mar 28, 2024 n/a
CVE-2024-30588 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function. -- Mar 28, 2024 n/a
CVE-2024-30587 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30586 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function. -- Mar 28, 2024 n/a
CVE-2024-30585 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function. -- Mar 28, 2024 n/a
CVE-2024-30584 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. -- Mar 28, 2024 n/a
CVE-2024-30583 Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function. -- Mar 28, 2024 n/a
CVE-2024-30422 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.1. -- Mar 28, 2024 n/a
CVE-2024-30421 Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.7.1. -- Mar 28, 2024 n/a
CVE-2024-30245 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in DecaLog.This issue affects DecaLog: from n/a through 3.9.0. -- Mar 28, 2024 n/a
CVE-2024-30244 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.0.27. -- Mar 28, 2024 n/a
CVE-2024-30243 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Tomas WordPress Tooltips.This issue affects WordPress Tooltips: from n/a before 9.4.5. -- Mar 28, 2024 n/a
CVE-2024-30242 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a through 1.1.8. -- Mar 28, 2024 n/a
CVE-2024-30241 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.1. -- Mar 28, 2024 n/a
CVE-2024-30240 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7. -- Mar 28, 2024 n/a
CVE-2024-30239 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.6. -- Mar 28, 2024 n/a
CVE-2024-30237 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Supsystic Slider by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.10. -- Mar 28, 2024 n/a
CVE-2024-30236 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4. -- Mar 28, 2024 n/a
CVE-2024-30230 Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7. -- Mar 28, 2024 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online