Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34515
image-optimizer prior to 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists().
NA
CVE-2024-34508
dcmnet in DCMTK prior to 3.6.9 has a segmentation fault via an invalid DIMSE message.
NA
CVE-2024-34509
dcmdata in DCMTK prior to 3.6.9 has a segmentation fault via an invalid DIMSE message.
NA
CVE-2024-34510
Gradio prior to 4.20 allows credential leakage on Windows.
NA
CVE-2024-34511
Component Server in Gradio prior to 4.13 does not properly consider _is_server_fn for functions.
NA
CVE-2024-4501
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. This issue affects some unknown processing of the file /view/bugSolve/captureData/commit.php. The manipulation of the argument tcpDump leads to os command injection. The attack may be initia...
NA
CVE-2024-34507
An issue exists in includes/CommentFormatter/CommentParser.php in MediaWiki prior to 1.39.7, 1.40.x prior to 1.40.3, and 1.41.x prior to 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges#%1b0000000.
NA
CVE-2024-34500
An issue exists in the UnlinkedWikibase extension in MediaWiki prior to 1.39.6, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.1. XSS can occur through an interface message. Error messages (in the $err var) are not escaped before being passed to Html::rawElement() in the getErr...
NA
CVE-2024-34502
An issue exists in WikibaseLexeme in MediaWiki prior to 1.39.6, 1.40.x prior to 1.40.2, and 1.41.x prior to 1.41.1. Loading Special:MergeLexemes will (attempt to) make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does no...
NA
CVE-2024-34506
An issue exists in includes/specials/SpecialMovePage.php in MediaWiki prior to 1.39.7, 1.40.x prior to 1.40.3, and 1.41.x prior to 1.41.1. If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands of subpages, then the page will...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »