Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28148
CVE-2024-28148: Apache Superset: Incorrect datasource authorization on explore REST API
NA
CVE-2024-4583
A vulnerability classified as problematic was found in Faraday GM8181 and GM828x up to 20240429. Affected by this vulnerability is an unknown functionality of the component Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The...
NA
CVE-2024-4599
Remote denial of service vulnerability in LAN Messenger affecting version 3.4.0. This vulnerability allows an malicious user to crash the LAN Messenger service by sending a long string directly and continuously over the UDP protocol.
NA
CVE-2024-4582
A vulnerability classified as critical has been found in Faraday GM8181 and GM828x up to 20240429. Affected is an unknown function of the component NTP Service. The manipulation of the argument ntp_srv leads to os command injection. It is possible to launch the attack remotely. T...
NA
CVE-2023-6810
The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the get_settings function in all versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with author ac...
NA
CVE-2024-4346
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.13. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticat...
NA
CVE-2024-4345
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it...
NA
CVE-2024-23808
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference.
NA
CVE-2024-31078
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference.
NA
CVE-2024-27217
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »