Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35494
CVE-2024-35494
1 Github repository
NA
CVE-2024-1298
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability.
NA
CVE-2024-36119
Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the `user:register_form` tag will have their password confirmation stored in plain text in their user file. This only affects sites matching **all** of the followin...
NA
CVE-2024-5027
Citrix Workspace app for Mac Security Bulletin for CVE-2024-5027: A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in elevation of privilege from a local authenticated user to a root user. The following supported versions of Cit...
NA
CVE-2024-32877
Yii 2 is a PHP application framework. During internal penetration testing of a product based on Yii2, users discovered a Cross-site Scripting (XSS) vulnerability within the framework itself. This issue is relevant for the latest version of Yii2 (2.0.49.3). This issue lies in the ...
NA
CVE-2024-35189
Fides is an open-source privacy engineering platform. The Fides webserver has a number of endpoints that retrieve `ConnectionConfiguration` records and their associated `secrets` which _can_ contain sensitive data (e.g. passwords, private keys, etc.). These `secrets` are stored e...
NA
CVE-2024-4842
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: Not a vulnerability
NA
CVE-2024-34171
Fuji Electric Monitouch V-SFT is vulnerable to a stack-based buffer overflow, which could allow an malicious user to execute arbitrary code.
NA
CVE-2024-35228
Wagtail is an open source content management system built on Django. Due to an improperly applied permission check in the `wagtail.contrib.settings` module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and updat...
NA
CVE-2024-35469
A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows malicious users to execute arbitrary SQL commands via the password parameter.
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »