Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-37770
libjpeg commit 281daa9 exists to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted file.
Jpeg Libjpeg -
6.7
CVSSv3
CVE-2022-37771
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.
Iobit Malware Fighter 9.2
6.1
CVSSv3
CVE-2023-49488
A cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1 allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter.
Openfiler Openfiler 2.99.1
6.1
CVSSv3
CVE-2023-49489
Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows malicious users to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.
Kodcloud Kodexplorer 4.51
6.7
CVSSv3
CVE-2023-4949
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
Gnu Grub
Xen Xen -
6.1
CVSSv3
CVE-2023-49490
XunRuiCMS v4.5.5 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php.
Xunruicms Xunruicms 4.5.5
6.1
CVSSv3
CVE-2023-49492
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php.
Dedecms Dedecms 5.7.111
6.1
CVSSv3
CVE-2023-49493
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php.
Dedecms Dedecms 5.7.111
6.1
CVSSv3
CVE-2023-49494
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php.
Dedecms Dedecms 5.7.111
9.1
CVSSv3
CVE-2022-29226
Envoy is a cloud-native high-performance proxy. In versions before 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed cookie is missing a full authentication flow should be triggered. However, the cu...
Envoyproxy Envoy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »