Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36821
CVE-2024-36821 The public reference that contains the minimum require information for the vulnerability covered by CVE-2024-36821
1 Github repository
NA
CVE-2024-35305
Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through <777.
NA
CVE-2022-45168
An issue exists in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /login/backup_code endpoint and the /api/v1/vdeskintegration/createbackupcodes endpoint, because the application allows a user to generate or regenerate the back...
NA
CVE-2024-35304
System command injection through Netflow function due to improper input validation, allowing malicious users to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.
NA
CVE-2024-35307
Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing unauthenticated malicious users to execute arbitrary code on the server. This issue affects Pandora FMS: from 700 through <777.
NA
CVE-2024-36406
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions before 7.14.4 and 8.6.1, unchecked input allows for open re-direct. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
NA
CVE-2024-36972
In the Linux kernel, the following vulnerability has been resolved: af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Billy Jheng Bing-Jhong reported a race between __unix_gc() and queue_oob(). __unix_gc() tries to garbage-collect close()d inflight sockets, ...
NA
CVE-2024-4403
A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the parisneo/lollms-webui v9.6. This vulnerability allows malicious users to trick users into performing unintended actions, such as resetting the program without their knowledge, by sendi...
NA
CVE-2024-35306
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.
NA
CVE-2022-45176
An issue exists in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting (XSS) can occur under the /api/v1/getbodyfile endpoint via the uri parameter. The web application (through its vShare functionality section) doesn't properly check parameters, sent in HT...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »