Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-36049
Aptos Wisal payroll accounting prior to 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write...
NA
CVE-2023-46442
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows malicious users to cause a Denial of Service (DoS).
1 Github repository
NA
CVE-2024-35395
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows malicious users to log in as root.
NA
CVE-2024-33427
Buffer Overflow vulnerability in Squid version before v.6.10 allows a local attacker cause a denial of service via a improper check of string in function ConfigParser::UnQuote.
NA
CVE-2024-34995
svnWebUI v1.8.3 exists to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. This vulnerability allows malicious users to delete arbitrary files via a crafted POST request.
NA
CVE-2023-52880
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADM...
NA
CVE-2024-35396
TOTOLINK CP900L v4.1.5cu.798_B20221228 exists to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows malicious users to log in as root.
NA
CVE-2024-33470
An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows malicious users to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
NA
CVE-2021-47571
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.
NA
CVE-2021-47545
In the Linux kernel, the following vulnerability has been resolved: perf hist: Fix memory leak of a perf_hpp_fmt perf_hpp__column_unregister() removes an entry from a list but doesn't free the memory causing a memory leak spotted by leak sanitizer. Add the free while at t...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »