Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2024-28971
Dell Update Manager Plugin, versions 1.4.0 up to and including 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attac...
NA
CVE-2024-25529
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /WorkFlow/wf_office_file_history_show.aspx.
NA
CVE-2024-33612
An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an malicious user to impersonate an Instance Provider system. A successful exploit of this vulnerability can allow the malicious user to cross a security boundary. N...
NA
CVE-2024-25560
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
NA
CVE-2024-28883
An origin validation vulnerability exists in BIG-IP APM browser network access VPN client for Windows, macOS and Linux which may allow an malicious user to bypass F5 endpoint inspection. Note: Software versions which have reached End of Technical Support (EoTS) are not ...
NA
CVE-2024-28132
Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
NA
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txt_keyword parameter at get_company.aspx.
NA
CVE-2024-34347
@hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. before 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is because...
NA
CVE-2024-25520
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sys_blogtemplate_new.aspx.
NA
CVE-2024-32113
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: prior to 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »