Vulmon
vulnerabilities and exploits
NA
CVE-2024-32369
SQL injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a remote malicious user to obtain sensitive information via a crafted payload to the start and limit parameters in the mliWhiteList.php component.
1 Github repository
NA
CVE-2024-32371
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0.
1 Github repository
NA
CVE-2024-32663
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Before 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and ...
NA
CVE-2024-32664
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Before 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds i...
NA
CVE-2024-34342
react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vu...
NA
CVE-2024-32370
An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 up to and including 5.2.18 allows a remote malicious user to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.
NA
CVE-2024-32867
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Before 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0...
NA
CVE-2024-33120
Roothub v2.5 contains an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows malicious users to execute arbitrary code via a crafted JSP file.
NA
CVE-2024-33122
Roothub v2.6 contains a SQL injection vulnerability via the topic parameter in the list() function.
NA
CVE-2024-33124
Roothub v2.6 contains a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function.