Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3271
A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. Th...
NA
CVE-2024-32710
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a up to and including 16.26.5.
NA
CVE-2024-32711
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a up to and including 2.6.3.
NA
CVE-2024-32716
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StreamWeasels StreamWeasels Twitch Integration.This issue affects StreamWeasels Twitch Integration: from n/a up to and including 1.7.8.
NA
CVE-2024-32718
Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor.This issue affects The Pack Elementor addons: from n/a up to and including 2.0.8.2.
9.8
CVSSv3
CVE-2024-3272
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Requ...
Dlink Dns-320l Firmware -
Dlink Dns-120 Firmware -
Dlink Dnr-202l Firmware -
Dlink Dns-315l Firmware -
Dlink Dns-320 Firmware -
Dlink Dns-320lw Firmware -
Dlink Dns-321 Firmware -
Dlink Dnr-322l Firmware -
Dlink Dns-323 Firmware -
Dlink Dns-325 Firmware -
Dlink Dns-326 Firmware -
Dlink Dns-327l Firmware -
Dlink Dnr-326 Firmware -
Dlink Dns-340l Firmware -
Dlink Dns-343 Firmware -
Dlink Dns-345 Firmware -
Dlink Dns-726-4 Firmware -
Dlink Dns-1100-4 Firmware -
Dlink Dns-1200-05 Firmware -
Dlink Dns-1550-04 Firmware -
NA
CVE-2024-32721
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a up to and including 2.6.3.
NA
CVE-2024-32722
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a up to and including 1.2.5.
NA
CVE-2024-32723
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Tides Advanced Floating Content allows Stored XSS.This issue affects Advanced Floating Content: from n/a up to and including 1.2.5.
NA
CVE-2024-32728
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a up to and including 2.11.0.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »