Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5145
A vulnerability was found in SourceCodester Vehicle Management System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /newdriver.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricte...
NA
CVE-2024-5147
The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'grid_style' parameter. This makes it possible for unauthenticated malicious users to include and execute...
NA
CVE-2024-5148
gnome-remote-desktop: D-Bus system service in GNOME release 46 local information leaks (CVE-2024-5148)
NA
CVE-2024-5149
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated malicious users to bypass the email verification.
Themekraft Buddyforms
NA
CVE-2024-5150
The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' functio...
NA
CVE-2024-5152
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
NA
CVE-2024-5153
The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzone_hash' parameter. This makes it possible for unauthenticated malicious users to copy the contents of arbitrary files on...
NA
CVE-2024-5157
Use after free in Scheduling in Google Chrome before 125.0.6422.76 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
NA
CVE-2024-5158
Type Confusion in V8 in Google Chrome before 125.0.6422.76 allowed a remote malicious user to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
NA
CVE-2024-5159
Heap buffer overflow in ANGLE in Google Chrome before 125.0.6422.76 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »