Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36049
Aptos Wisal payroll accounting prior to 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write...
NA
CVE-2023-46442
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows malicious users to cause a Denial of Service (DoS).
1 Github repository
NA
CVE-2023-52880
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM...
NA
CVE-2024-35395
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows malicious users to log in as root.
NA
CVE-2024-35396
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows malicious users to log in as root.
NA
CVE-2024-33427
Buffer Overflow vulnerability in Squid version before v.6.10 allows a local attacker cause a denial of service via a improper check of string in function ConfigParser::UnQuote.
NA
CVE-2024-34995
svnWebUI v1.8.3 exists to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. This vulnerability allows malicious users to delete arbitrary files via a crafted POST request.
NA
CVE-2021-47569
In the Linux kernel, the following vulnerability has been resolved: io_uring: fail cancellation for EXITING tasks WARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 CPU: 1 PID: 20 Comm: kworker/1:0 Not tainted 5.16.0-rc1-syzkalle...
NA
CVE-2024-35339
Tenda FH1206 V1.2.0.8(8155) exists to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.
NA
CVE-2021-47541
In the Linux kernel, the following vulnerability has been resolved: net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() In mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and tmp->tx_cq will be freed on the error path of mlx4_en_copy_priv(). ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »