Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49488
A cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1 allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter.
Openfiler Openfiler 2.99.1
NA
CVE-2023-49489
Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows malicious users to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.
Kodcloud Kodexplorer 4.51
2.1
CVSSv2
CVE-2020-27152
An issue exists in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel prior to 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.
Linux Linux Kernel
6.5
CVSSv2
CVE-2020-27154
The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows prior to 6.4.11 and 7.x prior to 7.0.3 could allow an malicious user to gain access to user information by sending arbitrary code, due to improper input validation. A successful exploit could allow an mali...
Mitel Businesscti Enterprise
NA
CVE-2023-4949
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
Gnu Grub
Xen Xen -
NA
CVE-2023-49490
XunRuiCMS v4.5.5 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php.
Xunruicms Xunruicms 4.5.5
7.5
CVSSv2
CVE-2020-27156
Veritas APTARE versions before 10.5 did not perform adequate authorization checks. This vulnerability could allow for remote code execution by an unauthenticated user.
Veritas Aptare
NA
CVE-2023-49492
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the imgstick parameter at selectimages.php.
Dedecms Dedecms 5.7.111
NA
CVE-2023-49493
DedeCMS v5.7.111 exists to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php.
Dedecms Dedecms 5.7.111
10
CVSSv2
CVE-2020-27158
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices before 5.04.114.
Westerndigital My Cloud Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »