Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2024-23360
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.
NA
CVE-2023-48789
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 up to and including 6.0.14 allows malicious user to improper access control via crafted HTTP requests.
NA
CVE-2023-38042
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM.
NA
CVE-2023-46810
A local privilege escalation vulnerability in Ivanti Secure Access Client for Linux prior to 22.7R1, allows a low privileged user to execute code as root.
NA
CVE-2024-36889
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect Christoph reported a splat hinting at a corrupted snd_una: WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/pro...
NA
CVE-2024-36022
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload In passthrough environment, when amdgpu is reloaded after unload, mode-1 is triggered after initializing the necessary IPs, That init does ...
NA
CVE-2024-3050
The Site Reviews WordPress plugin prior to 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to bypass IP-based blocking
NA
CVE-2024-30165
Amazon AWS Client VPN prior to 3.9.1 on macOS has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions, a different vulnerability than CVE-2024-30164.
NA
CVE-2024-30164
Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for CVE-2...
NA
CVE-2024-22590
The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »