Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3806
CVE-2024-3806-AND-CVE-2024-3807-Poc CVE-2024-3806: Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta Porto 7.1.0: https://drive.google.com/file/d...
1 Github repository
NA
CVE-2024-3807
CVE-2024-3806-AND-CVE-2024-3807-Poc CVE-2024-3806: Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta Porto 7.1.0: https://drive.google.com/file/d...
1 Github repository
NA
CVE-2022-7890
CVE-2022-7890
1 Github repository
NA
CVE-2024-34310
CVE-2024-34310 CVE-2024-34310 [Suggested description] Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter. [Vulnerability Type] SQL Injection [Vendor of Product] https://www.bjjfsd.com/ [Affected Product...
1 Github repository
NA
CVE-2024-4701
Any Genie OSS users running their own instance and relying on the filesystem to store file attachments submitted to the Genie application may be impacted. Using this technique, it is possible to write a file with any user-specified filename and file contents to any location on th...
NA
CVE-2024-29212
Veeam Service Provider Console Vulnerability. Due to an unsafe deserialization method used by the Veeam Service Provider Console (VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Executi...
NA
CVE-2024-34350
Next.js Vulnerable to HTTP Request Smuggling. Inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to desynchronized responses. This led to a response queue poisoning vulnerab...
NA
CVE-2024-34342
react-pdf vulnerable to arbitrary JavaScript execution upon opening a malicious PDF with PDF.js. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be ...
NA
CVE-2024-4367
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF. If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the...
NA
CVE-2024-34351
CVE-2024-34351
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »