Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34829
CVE-2024-34829: IDOR in Eramba Community version <3.22.0 Issue Summary An IDOR bug was found on /attachments/attachments/download/ API allows abitrary file download, as a result of lacking of user permission control. Issue Impact All existing files in a section, including ...
1 Github repository
NA
CVE-2024-4317
WiltonDB Modified PostgreSQL with Babelfish extensions packaged for Windows and Linux. Link to documentation. News 2024-05-16 WiltonDB 3.3 update (version 8.13.1) is released for Windows and Linux. Bugfixes: this release includes a fix to CVE-2024-4317 from upstream PostgreSQL 1...
1 Github repository
NA
CVE-2024-4999
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote malicious user to execute arbitrary commands with elevated privileges.This issue affects UNITY: up to and including 6.95-2; PRO: up to and including 6.95-1....
NA
CVE-2024-4760
A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71 microcontrollers allows access to the memory bus via the debug interface even if the security bit is set.
NA
CVE-2024-34582
CVE-2024-34582 Affects the latest versions of Mozilla & Chrome Web Browsers, Sunhillo Rici5k & Sureline The most current versions of the Web Servers running on the Sunhillo devices are susceptible to Reflected XSS. The vulnerability lies within the userid_change p...
1 Github repository
NA
CVE-2024-4993
Vulnerability in SiAdmin 1.1 that allows XSS via the /show.php query parameter. This vulnerability could allow a remote malicious user to send a specially crafted URL to an authenticated user and thereby steal their cookie session credentials.
7.8
CVSSv3
CVE-2024-30288
Adobe Framemaker versions 2020.5, 2022.3 and previous versions are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must o...
7.8
CVSSv3
CVE-2024-30291
Adobe Framemaker versions 2020.5, 2022.3 and previous versions are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...
NA
CVE-2024-4826
SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an malicious user to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_...
NA
CVE-2024-4991
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_pass/aksi_pass.php parameter in nama_lengkap. This vulnerability could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in it.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »