Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35621
A cross-site scripting (XSS) vulnerability in the Edit function of Formwork prior to 1.13.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Content field.
NA
CVE-2024-35399
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a stack overflow via the password parameter in the function loginAuth
NA
CVE-2024-35398
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a stack overflow via the desc parameter in the function setMacFilterRules.
NA
CVE-2024-4429
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.
NA
CVE-2024-35397
TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
NA
CVE-2024-5274
Type Confusion in V8 in Google Chrome before 125.0.6422.112 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)