Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28276
[Suggested description] Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting (XSS) via add-task.php?task_name= component. [Vulnerability Type] Cross Site Scripting (XSS) [Vendor of Product] Sourcecodester [Affected Product Code Base] Sourcecodester Scho...
1 Github repository
NA
CVE-2024-28277
[Suggested description] In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This vulnerability allows attackers to manipulate the subject's name, leading the execut...
1 Github repository
NA
CVE-2024-3744
[kubernetes] CVE-2024-3744: azure-file-csi-driver discloses service account tokens in logs
NA
CVE-2024-34365
CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access
NA
CVE-2024-27393
Xen Security Advisory 457 v3 (CVE-2024-27393) - Linux/xen-netfront: Memory leak due to missing cleanup function
NA
CVE-2024-26517
[Suggested description] SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component. [Vulnerability Type] SQL Injection [Vendor of Product] Sourcecodester [Affected Pro...
1 Github repository
NA
CVE-2024-3661
TunnelVision: Decloaking Routing-Based VPNs CVE-2024-3661 TunnelVision is a local network VPN leaking technique that allows an attacker to read, drop, and sometimes modify VPN traffic from a targets on the local network. This technique does not activate kill-switches and does not...
1 Github repository
NA
CVE-2024-27793
iTunes 12.13.2 for Windows
NA
CVE-2024-25528
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklog_template_show.aspx.
NA
CVE-2024-25533
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow malicious users to write files to the server or execute arbitrary commands via crafted SQL statements.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »