Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23783
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions allows a network-adjacent unauthenticated malicious user to access the affected product without authentication.
NA
CVE-2024-23784
Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions, which may allow a network-adjacent unauthenticated malicious user to obtain a username and its hashed password displayed on the ma...
NA
CVE-2024-23786
Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions allows a network-adjacent unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is accessing the m...
NA
CVE-2024-23787
Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions allows a network-adjacent unauthenticated malicious user to obtain an arbitrary file in the affected product.
NA
CVE-2024-23788
Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions allows a network-adjacent unauthenticated malicious user to send an arbitrary HTTP request (GET) from the affected product.
NA
CVE-2024-23789
Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and previous versions allows a network-adjacent unauthenticated malicious user to execute an arbitrary OS command on the affected product.
NA
CVE-2024-2379
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
NA
CVE-2024-23790
Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X up to and including 7.0.48, from 8.0.X up to and including 8.0.37, from 2023 up to and including...
Otrs Otrs
NA
CVE-2024-23791
Insertion of debug information into log file during building the elastic search index allows reading of sensitive information from articles.This issue affects OTRS: from 7.0.X up to and including 7.0.48, from 8.0.X up to and including 8.0.37, from 2023.X up to and including 2023....
Otrs Otrs
NA
CVE-2024-23795
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a ...
Siemens Tecnomatix Plant Simulation
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »