Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5663
The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Cards widget in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it poss...
NA
CVE-2024-0444
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability ...
NA
CVE-2024-4956
Shiro 1 Extractor This repository contains a Python script shiro1-extractor.py that will search all .pcl files within a specific directory and extract Apache Shiro 1 hashes from them, then write them to an output file. Usage usage: shiro1-extractor.py [-h] input_dir output_file ...
2 Github repositories
NA
CVE-2024-1694
Inappropriate implementation in Google Updator before 1.3.36.351 in Google Chrome allowed a local malicious user to bypass discretionary access control via a malicious file. (Chromium security severity: High)
NA
CVE-2023-49221
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local network) to bypass security restrictions, and access the service menu, because there is a hard-coded service code.
NA
CVE-2023-49223
Precor touchscreen console P62, P80, and P82 could allow a remote malicious user to obtain sensitive information because the root password is stored in /etc/passwd. An attacker could exploit this to extract files and obtain sensitive information.
NA
CVE-2023-49222
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to gain root privileges.
NA
CVE-2023-49224
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the authorized_keys file. A remote attacker could use this key to gain root privileges.
NA
CVE-2023-7261
Inappropriate implementation in Google Updator before 1.3.36.351 in Google Chrome allowed a local malicious user to perform privilege escalation via a malicious file. (Chromium security severity: High)
NA
CVE-2023-6997
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »