vulnerabilities and exploits
NA
CVE-2024-34451
Ghost up to and including 5.85.1 allows remote malicious users to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that all...
NA
CVE-2024-38396
An issue exists in iTerm2 3.5.x prior to 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows a malicious user to inject arbitrary code into the terminal, a different vulnerab...
1 Github repository
NA
CVE-2023-27636
Progress Sitefinity prior to 15.0.0 allows XSS by authenticated users via the content form in the SF Editor.
NA
CVE-2024-38461
irodsServerMonPerf in iRODS prior to 4.3.2 attempts to proceed with use of a path even if it is not a directory.
NA
CVE-2024-38462
iRODS prior to 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference.
NA
CVE-2024-38465
Shenzhen Guoxin Synthesis image system prior to 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error.
NA
CVE-2024-38467
Shenzhen Guoxin Synthesis image system prior to 8.3.0 allows unauthorized user information retrieval via the queryUser API.
NA
CVE-2024-38468
Shenzhen Guoxin Synthesis image system prior to 8.3.0 allows unauthorized password resets via the resetPassword API.
NA
CVE-2024-38466
Shenzhen Guoxin Synthesis image system prior to 8.3.0 has a 123456Qw default password.
NA
CVE-2024-38454
ExpressionEngine prior to 7.4.11 allows XSS.