Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2023-25341
A Directory Traversal vulnerability in ladle dev server 2.5.1 and previous versions allows an attacker on the same network to read files accessible to the user via GET requests.
NA
CVE-2024-23727
The YI Smart Kami Vision com.kamivision.yismart application up to and including 1.0.0_20231219 for Android allows a remote malicious user to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.
NA
CVE-2024-28090
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp.
NA
CVE-2024-25506
Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker prior to 4.0 allows a remote malicious user to run arbitrary code via control of the pm_sys_sys cookie.
NA
CVE-2024-28091
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managed_services_add.asp (the victim must click an X for a deletion).
NA
CVE-2024-25960
Dell PowerScale OneFS versions 8.2.2.x up to and including 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.
NA
CVE-2024-25955
Dell vApp Manager, versions before 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
NA
CVE-2024-25952
Dell PowerScale OneFS versions 8.2.2.x up to and including 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
NA
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote malicious user to execute arbitrary code via the City input field.
NA
CVE-2024-25946
Dell vApp Manager, versions before 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
CVSSv3
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started