Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4142
An Improper input validation vulnerability that could potentially lead to privilege escalation exists in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory pl...
NA
CVE-2023-46294
An issue exists in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility umSetup. This utility requires root permissions to execute.
NA
CVE-2024-25676
An issue exists in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.
NA
CVE-2024-33306
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User.
NA
CVE-2024-33307
SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.
NA
CVE-2024-33423
Cross-Site Scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section.
NA
CVE-2023-46295
An issue exists in Teledyne FLIR M300 2.00-19. Unauthenticated remote code execution can occur in the web server. An attacker can exploit this by sending a POST request to the vulnerable PHP page. An attacker can elevate to root permissions with Sudo.
NA
CVE-2024-24403
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-30176. Reason: This record is a reservation duplicate of CVE-2024-30176. Notes: All CVE users should reference CVE-2024-30176 instead of this record. All references and descriptions in this record have been removed...
NA
CVE-2023-23019
Cross site scripting (XSS) vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function user_add.\
NA
CVE-2024-29011
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and previous versions versions.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »