Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36789
An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows malicious users to create passwords that do not conform to defined security standards.
NA
CVE-2024-36787
An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows malicious users to bypass authentication and access the administrative interface via unspecified vectors.
NA
CVE-2024-36792
An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows malicious users to gain access to the router's pin.
NA
CVE-2024-37162
zsa is a library for building typesafe server actions in Next.js. All users are impacted. The zsa application transfers the parse error stack from the server to the client in production build mode. This can potentially reveal sensitive information about the server environment, su...
NA
CVE-2024-36773
A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php.
NA
CVE-2024-36788
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows malicious users to possibly intercept and access sensitive communications between the router and connected devices.
NA
CVE-2024-36790
Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 exists to store credentials in plaintext.
NA
CVE-2024-31878
IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538.
NA
CVE-2024-37160
Formwork is a flat file-based Content Management System (CMS). An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages ...
NA
CVE-2024-5542
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »