Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote attackers vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35548
A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote malicious users to obtain database information via a Boolean blind injection
NA
CVE-2023-43846
Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote malicious users to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This in...
7.2
CVSSv3
CVE-2024-5403
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server.
8.8
CVSSv3
CVE-2024-5400
Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
7.2
CVSSv3
CVE-2024-5399
Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
NA
CVE-2024-5247
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the UpLoadServlet class. The issue results from ...
NA
CVE-2024-99999
whatsthetalk.eu Research in API security If you want to lead, just find the API key. Powered by wtt wtt is a simple command line "ChatGPT". It is a wrapper around google.generativeai that accepts variable number of string and/or file path arguments. It concatenates them...
1 Github repository
NA
CVE-2024-35374
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote malicious users to execute arbitrary SQL commands and potentially command injection, leading to remote code execution (RCE) under certain conditions.
NA
CVE-2024-29822
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the RecordGoodApp method. The issue resul...
NA
CVE-2024-29823
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the GetDBVulnerabilities method. The issu...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »