Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4609
A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack co...
NA
CVE-2024-35187
Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, attackers who achieved Arbitrary Code Execution as the stalwart-mail user (including web interface admins) can gain complete root access to the system. Usually, system services are run as a separate user ...
NA
CVE-2024-34751
Deserialization of Untrusted Data vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a up to and including 2.4.9.
NA
CVE-2024-4956
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated malicious user to read system files. Fixed in version 3.68.1.
NA
CVE-2024-3640
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat acto...
NA
CVE-2024-34582
Sunhillo SureLine up to and including 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi userid_change XSS within the Forgot Password feature.
1 Github repository
NA
CVE-2024-34905
FlyFish v3.0.0 exists to contain a buffer overflow via the password parameter on the login page. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted input.
NA
CVE-2024-35039
idccms V1.35 exists to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
NA
CVE-2024-34958
idccms v1.35 exists to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
NA
CVE-2024-34957
idccms v1.35 exists to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »