Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4323
Critical Fluent Bit bug affects all major cloud providers, say researchers
1 Article
NA
CVE-2024-35061
NASA AIT-Core v2.5.2 exists to use unencrypted channels to exchange data over the network, allowing malicious users to execute a man-in-the-middle attack.
NA
CVE-2024-33525
A Stored Cross-site Scripting (XSS) vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.30 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to in...
NA
CVE-2024-35060
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary commands via supplying a crafted YAML file.
NA
CVE-2024-31989
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin...
NA
CVE-2024-25724
In RTI Connext Professional 5.3.1 up to and including 6.1.0 prior to 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows malicious users to execute code with the affected service's privileges, c...
NA
CVE-2024-35059
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary commands.
NA
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
NA
CVE-2024-4154
In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite...
NA
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »