Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github.com vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-41928
XWiki Platform vulnerable to Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml. The issue can also be reproduced by inserting the dangerous payload in the `height` or `alt` macro properties. This has been pa...
Xwiki Xwiki
Xwiki Xwiki 5.0
Xwiki Xwiki 14.4.3
Xwiki Xwiki 14.4.4
9.1
CVSSv3
CVE-2023-0645
An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca...
Libjxl Project Libjxl
7.5
CVSSv3
CVE-2020-36567
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote malicious users to inject arbitrary log lines.
Gin-gonic Gin
9.8
CVSSv3
CVE-2022-39293
Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in [_ux_host_class_pima_read](https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_pima_...
Microsoft Azure Rtos Usbx
NA
CVE-2024-35183
wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions before 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than `github.com`. Most git-dependent functionality in wolfictl relies on its own `git` packag...
8.8
CVSSv3
CVE-2022-42735
Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own. This issue affects Apache ShenYu: 2.5.0. Upgrade to Apache ShenYu 2.5.1 or apply...
Apache Shenyu 2.5.0
7.5
CVSSv3
CVE-2023-25568
Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affec...
Protocol Boxo 0.5.0
Protocol Boxo 0.4.0
NA
CVE-2024-26579
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 up to and including 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], [2] to so...
NA
CVE_2023_29489
XSS_1312 Mass Scaning vulnerability in Cpanel [XSS] KALI LINUX sudo pip install BeautifulSoup sudo pip install shodan sudo pip install pystyle git clone https://github.com/tucommenceapousser/XSS_1312.git cd XSS_1312 python cve_2023_29489.py TERMUX pkg install BeautifulSoup pkg in...
1 Github repository
7.5
CVSSv3
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgra...
Apache Inlong
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »