Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-33807
A SQL injection vulnerability in /model/get_teacher_timetable.php in campcodes Complete Web-Based School Management System 1.0 allows an malicious user to execute arbitrary SQL commands via the grade parameter.
NA
CVE-2024-2451
Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.
NA
CVE-2024-35397
TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
NA
CVE-2024-35400
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a stack overflow via the desc parameter in the function SetPortForwardRules
NA
CVE-2024-35399
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a stack overflow via the password parameter in the function loginAuth
NA
CVE-2024-4429
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.
NA
CVE-2024-3969
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload
NA
CVE-2024-35398
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a stack overflow via the desc parameter in the function setMacFilterRules.
NA
CVE-2024-5274
Type Confusion in V8 in Google Chrome before 125.0.6422.112 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)