Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4912
A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0. This affects an unknown part of the file addExamExe.php. The manipulation of the argument examTitle leads to sql injection. It is possible to initiate the attack remotely. The exploi...
NA
CVE-2024-4913
A vulnerability classified as critical was found in Campcodes Online Examination System 1.0. This vulnerability affects unknown code of the file exam.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclo...
NA
CVE-2024-4976
Out-of-bounds array write in Xpdf 4.05 and previous versions, due to missing object type check in AcroForm field reference.
NA
CVE-2024-4948
Use after free in Dawn in Google Chrome before 125.0.6422.60 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
NA
CVE-2024-27243
Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.
NA
CVE-2024-4949
Use after free in V8 in Google Chrome before 125.0.6422.60 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
NA
CVE-2024-4950
Inappropriate implementation in Downloads in Google Chrome before 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
NA
CVE-2024-32047
Hard-coded credentials for the CyberPower PowerPanel test server can be found in the production code. This might result in an attacker gaining access to the testing or production server.
NA
CVE-2024-33625
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This could result in an attacker forging JWT tokens to bypass authentication.
NA
CVE-2024-34906
An arbitrary file upload vulnerability in dootask v0.30.13 allows malicious users to execute arbitrary code via uploading a crafted PDF file.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »