Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
json vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47114
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. The Fides web application allows data subject users to request access to their personal...
Ethyca Fides
NA
CVE-2023-46253
Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated malicious user to gain remote code execution (RCE). Squidex allows users with the ...
Squidex.io Squidex 7.8.2
NA
CVE-2023-4043
In Eclipse Parsson prior to 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much large...
Eclipse Parsson
NA
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 exists to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows malicious users to authenticate to the application via a crafted JWT token.
Tangyh Lamp-cloud
NA
CVE-2023-22518
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated malicious user to reset Confluence and create a Confluence instance administrator account. Using this account, an ...
Atlassian Confluence Data Center
Atlassian Confluence Data Center 8.6.0
Atlassian Confluence Server
Atlassian Confluence Server 8.6.0
1 Metasploit module
11 Github repositories
4 Articles
NA
CVE-2023-31422
An issue exists by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has released Kiban...
Elastic Kibana 8.10.0
NA
CVE-2023-4939
The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and including, 3.2.4. This is due to the use of a weak authentication token for the /wp-json/salesmanago/v1/callbackApiV3 API endpoint which is simply a SHA1 hash of the site URL and client ID ...
Salesmanago Salesmanago
NA
CVE-2023-45822
Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which a default unsafe rego built-in was allo...
Artifacthub Hub
NA
CVE-2023-35180
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API.
Solarwinds Access Rights Manager
NA
CVE-2023-45803
urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) t...
Python Urllib3
Fedoraproject Fedora 38
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »