Vulmon
vulnerabilities and exploits
NA
CVE-2024-26024
SUBNET Substation Server
NA
CVE-2024-3951
PTC Codebeamer
NA
CVE-2024-32369
SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a remote malicious user to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.
1 Github repository
NA
CVE-2024-33122
Roothub v2.6 contains a SQL injection vulnerability via the topic parameter in the list() function.
NA
CVE-2024-4594
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. Affected is an unknown function of the file /src/dede/sys_safe.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed t...
NA
CVE-2024-32371
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0.
1 Github repository
NA
CVE-2024-32867
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Before 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0...
NA
CVE-2024-32370
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a remote malicious user to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.
NA
CVE-2024-33120
Roothub v2.5 contains an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows malicious users to execute arbitrary code via a crafted JSP file.
NA
CVE-2024-34342
react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vu...