Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-37317
The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. If an attacker managed to share a folder called `Notes/` with a newly created user before they logged in, the Notes app would use that folder store the personal notes. It is recommended that the Nextclo...
NA
CVE-2024-33373
An issue in the LB-LINK BL-W1210M v2.0 router allows malicious users to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow malicious users to access the router via a brute-force attack.
NA
CVE-2024-37644
TRENDnet TEW-814DAP v1_(FW1.01B01) exists to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows malicious users to log in as root.
NA
CVE-2024-34539
Hardcoded credentials in TerraMaster TOS firmware up to and including 5.1 allow a remote malicious user to successfully login to the mail or webmail server. These credentials can also be used to login to the administration panel and to perform privileged actions.
NA
CVE-2024-34694
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for t...
NA
CVE-2024-37312
user_oidc app is an OpenID Connect user backend for Nextcloud. Missing access control on the ID4me endpoint allows an malicious user to register an account eventually getting access to data that is available to all registered users. It is recommended that the OpenID Connect user ...
NA
CVE-2024-37313
Nextcloud server is a self hosted personal cloud system. Under some circumstance it was possible to bypass the second factor of 2FA after successfully providing the user credentials. It is recommended that the Nextcloud Server is upgraded to 26.0.13, 27.1.8 or 28.0.4 and Nextclou...
NA
CVE-2024-37314
Nextcloud Photos is a photo management app. Users can remove photos from the album of registered users. It is recommended that the Nextcloud Server is upgraded to 25.0.7 or 26.0.2 and the Nextcloud Enterprise Server is upgraded to 25.0.7 or 26.0.2.
NA
CVE-2024-37367
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authe...
NA
CVE-2024-37368
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »