Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2024-34481
Drupal-Wiki versions 8.30 and 8.31 suffer from multiple persistent cross site scripting vulnerabilities.
NA
CVE-2024-26517
[Suggested description] SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component. [Vulnerability Type] SQL Injection [Vendor of Product] Sourcecodester [Affected Pro...
1 Github repository
NA
CVE-2024-3661
TunnelVision: Decloaking Routing-Based VPNs CVE-2024-3661 TunnelVision is a local network VPN leaking technique that allows an attacker to read, drop, and sometimes modify VPN traffic from a targets on the local network. This technique does not activate kill-switches and does not...
1 Github repository
NA
CVE-2024-27793
iTunes 12.13.2 for Windows
NA
CVE-2024-33382
An issue in Open5GS v.2.7.0 allows an malicious user to cause a denial of service via the 64 unsuccessful UE/gnb registration
NA
CVE-2024-25533
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow malicious users to write files to the server or execute arbitrary commands via crafted SQL statements.
NA
CVE-2024-34244
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.
NA
CVE-2024-25528
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklog_template_show.aspx.
NA
CVE-2024-25532
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the bt_id parameter at /include/get_dict.aspx.
NA
CVE-2024-34257
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing an malicious user to obtain device administrator privileges.
CVSSv3
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started