Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33871
NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.htmlNOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7145885041bb52cc23964f0aa2aec1b1c82b5908 (ghostpdl-10.03.1)NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=707754 (CVE-2024-33871)
NA
CVE-2024-36597
Aegon Life v1.0 exists to contain a SQL injection vulnerability via the client_id parameter at clientStatus.php.
1 Github repository
NA
CVE-2024-36598
An arbitrary file upload vulnerability in Aegon Life v1.0 allows malicious users to execute arbitrary code via uploading a crafted image file.
1 Github repository
NA
CVE-2024-36599
A cross-site scripting (XSS) vulnerability in Aegon Life v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php.
1 Github repository
NA
CVE-2024-0090
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
NA
CVE-2024-0092
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
NA
CVE-2024-0091
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
NA
CVE-2024-36587
Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged malicious users to escalate privileges to root via overwriting the binary dnscrypt-proxy.
NA
CVE-2024-3552
The Web Directory Free WordPress plugin prior to 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based.
1 Github repository
NA
CVE-2023-52890
NTFS-3G prior to 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »