Vulmon
Recent vulnerabilities and exploits
CVE-2024-4317
Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdro...
CVE-2024-28276
[Suggested description] Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting (XSS) via add-task.php?task_name= component. [Vulnerability Type] Cross Site Scripting (XSS) [Vendor of Product] Sourcecodester [Affected Product Code Base] Sourcecodester Scho...
1 Github repository
CVE-2024-28277
[Suggested description] In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This vulnerability allows attackers to manipulate the subject's name, leading the execut...
1 Github repository
CVE-2024-3744
[kubernetes] CVE-2024-3744: azure-file-csi-driver discloses service account tokens in logs
CVE-2024-34365
CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access
CVE-2024-27393
Xen Security Advisory 457 v3 (CVE-2024-27393) - Linux/xen-netfront: Memory leak due to missing cleanup function
CVE-2024-26517
[Suggested description] SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component. [Vulnerability Type] SQL Injection [Vendor of Product] Sourcecodester [Affected Pro...
1 Github repository
CVE-2024-3661
TunnelVision: Decloaking Routing-Based VPNs CVE-2024-3661 TunnelVision is a local network VPN leaking technique that allows an attacker to read, drop, and sometimes modify VPN traffic from targets on the local network. This technique does not activate kill-switches and does not...
1 Github repository
CVE-2024-27793
iTunes 12.13.2 for Windows
CVE-2024-34257
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing a malicious user to obtain device administrator privileges.