Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6322
A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated re...
NA
CVE-2024-4670
The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.5 via the aiovg_search_form shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and exe...
NA
CVE-2023-6323
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an malicious user to impersonate an authoritative server.
NA
CVE-2024-2248
A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account when clicking on a specially crafted URL sent to the victim’s user email.
NA
CVE-2023-6321
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially crafted command can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.
NA
CVE-2023-6324
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity
NA
CVE-2023-52424
A newly discovered vulnerability, CVE-2023-52424, rooted in the IEEE 802.11 WiFi standard, allows attackers to perform SSID Confusion attacks. This flaw lets adversaries trick victims into connecting to less secure networks, intercepting and manipulating their traffic. Additional...
NA
CVE-2024-4702
The Mega Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for a...
NA
CVE-2024-22026
CVE-2024-22026 Exploit POC for CVE-2024-22026 affecting Ivanti EPMM "MobileIron Core"
1 Github repository
NA
CVE-2024-34094
Acrobat Reader versions 20.005.30574, 24.002.20736 and previous versions are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »