Vulmon
vulnerabilities and exploits
NA
CVE-2024-34957
idccms v1.35 contains a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
NA
CVE-2024-35039
idccms V1.35 contains a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
NA
CVE-2024-34905
FlyFish v3.0.0 contains a buffer overflow via the password parameter on the login page. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted input.
NA
CVE-2024-34958
idccms v1.35 contains a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add.
NA
CVE-2024-34582
Sunhillo SureLine up to and including 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi userid_change XSS within the Forgot Password feature.
1 GitHub repository
NA
CVE-2024-34829
CVE-2024-34829: IDOR in Eramba Community version <3.22.0. Issue Summary: An IDOR bug in the /attachments/attachments/download/ API allows arbitrary file download, as a result of missing user permission control. Issue Impact: All existing files in a section, including ...
1 GitHub repository
NA
CVE-2024-31142
Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.or...
NA
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2024-20389
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2023-46842
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hy...