Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29827
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.
NA
CVE-2024-35142
IBM Security Verify Access Docker 10.0.0 up to and including 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. IBM X-Force ID: 292418.
NA
CVE-2024-35140
IBM Security Verify Access Docker 10.0.0 up to and including 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.
NA
CVE-2024-36120
javascript-deobfuscator removes common JavaScript obfuscation techniques. In affected versions crafted payloads targeting expression simplification can lead to code execution. This issue has been patched in version 1.1.0. Users are advised to update. Users unable to upgrade shoul...
NA
CVE-2024-28736
An issue in Debezium Community debezium-ui v.2.5 allows a local malicious user to execute arbitrary code via the refresh page function.
NA
CVE-2022-25037
An issue in wanEditor v4.7.11 and fixed in v.4.7.12 and v.5 exists to contain a cross-site scripting (XSS) vulnerability via the image upload function.
NA
CVE-2022-25038
wanEditor v4.7.11 exists to contain a cross-site scripting (XSS) vulnerability via the video upload function.
NA
CVE-2024-36108
casgate is an Open Source Identity and Access Management system. In affected versions `casgate` allows remote unauthenticated malicious user to obtain sensitive information via GET request to an API endpoint. This issue has been addressed in PR #201 which is pending merge. An att...
6.4
CVSSv3
CVE-2023-7073
The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.0 via the upload_to_library AJAX action. This makes it possible for authenticated attackers, with author-level access and abov...
NA
CVE-2024-1980
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6876. Reason: This candidate is a reservation duplicate of CVE-2023-6876. Notes: All CVE users should reference CVE-2023-6876 instead of this candidate. All references and descriptions in this ca...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »