Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5127
In lunary-ai/lunary versions 1.2.2 up to and including 1.2.25, an improper access control vulnerability allows users on the Free plan to invite other members and assign them any role, including those intended for Paid and Enterprise plans only. This issue arises due to insufficie...
NA
CVE-2024-4332
An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feat...
NA
CVE-2024-37019
Northern.tech Mender Enterprise prior to 3.6.4 and 3.7.x prior to 3.7.4 has Weak Authentication.
NA
CVE-2023-49572
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an malicious user to execute persistent XSS through /setup_odbc in odbc_data_source, odbc_user and odbc_password parameters. This vulnerability could allow an malicious user to ...
NA
CVE-2023-49573
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an malicious user to execute persistent XSS through /add_command_action in action_value. This vulnerability could allow an malicious user to store malicious JavaScript payloads ...
NA
CVE-2023-49574
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an malicious user to execute persistent XSS through /add_job in job_name. This vulnerability could allow an malicious user to store malicious JavaScript payloads on the system t...
NA
CVE-2023-49575
A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an malicious user to execute persistent XSS through /setup_smtp in smtp_server, smtp_user, smtp_password and smtp_email_address parameters. This vulnerability could allow an mal...
NA
CVE-2024-29849
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
2 Articles
NA
CVE-2024-29850
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
1 Article
NA
CVE-2024-29851
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »