Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
allegro allegro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24594
A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro AI’s ClearML platform allows a remote malicious user to execute a JavaScript payload when a user views the Debug Samples tab in the web UI.
Clear Clearml -
9.3
CVSSv2
CVE-2009-0490
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions prior to 1.3.6 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file...
Audacityteam Audacity
3 EDB exploits
NA
CVE-2024-37364
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows physically proximate malicious users to obtain sensitive information (such as hotel invoice content with PII), and potentially create unauthorized room keys, by entering a guest-search q...
NA
CVE-2024-24593
A cross-site request forgery (CSRF) vulnerability in all versions up to 1.14.1 of the api server component of Allegro AI’s ClearML platform allows a remote malicious user to impersonate a user by sending API requests via maliciously crafted html. Exploitation of the vulnera...
Clear Clearml
4.3
CVSSv2
CVE-2013-6786
Cross-site scripting (XSS) vulnerability in Allegro RomPager prior to 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows rem...
Zyxel P-660hw D1 -
Sitecom Wl-174 -
Allegrosoft Rompager
Tp-link Td-8816 -
Huawei Mt882 -
Dlink Dsl-2640r -
Dlink Dsl-2641r -
2 Nmap scripts
NA
CVE-2024-0522
A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request for...
Allegrosoft Rompager 4.01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2