Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34715
Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as `@` a...
NA
CVE-2024-35512
An issue in hmq v1.5.5 allows malicious users to cause a Denial of Service (DoS) via crafted requests.
NA
CVE-2024-35200
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate.
NA
CVE-2023-46297
An issue exists on Mercusys MW325R EU V3 MW325R(EU)_V3_1.11.0 221019 devices. A WAN attacker can make the admin interface unreachable/invisible via an unauthenticated HTTP request. Verification of the data sent by the user does not occur. The web server does not crash, but the ad...
NA
CVE-2024-35283
A vulnerability in the Ignite component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.
NA
CVE-2024-35284
A vulnerability in the legacy chat component of Mitel MiContact Center Business up to and including 10.0.0.4 could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.
NA
CVE-2024-35311
Yubico YubiKey 5 Series prior to 5.7.0, Security Key Series prior to 5.7.0, YubiKey Bio Series prior to 5.6.4, and YubiKey 5 FIPS prior to 5.7.2 have Incorrect Access Control.
NA
CVE-2024-36427
The file-serving function in TARGIT Decision Suite 23.2.15007 allows authenticated malicious users to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
NA
CVE-2024-28974
Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
NA
CVE-2024-31079
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »