Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
notices vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-1890
The Tablesome WordPress plugin prior to 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
Pauple Tablesome
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
8.8
CVSSv3
CVE-2022-4937
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 6.6.0 due to missing capability checks on various AJAX actions. This makes it possible for authenticated attackers, with minimal permissi...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
NA
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architectures is not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In fun...
8.8
CVSSv3
CVE-2022-4938
The WCFM Frontend Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.6.0 due to missing nonce checks on various AJAX actions. This makes it possible for unauthenticated malicious users to perform a wide variety of actions ...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
NA
CVE-2024-0681
The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.3.4. This is due to the plugin not properly restricting access to pages via the REST API when a page has been mad...
5.4
CVSSv3
CVE-2023-46126
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The ...
Ethyca Fides
NA
CVE-2007-1415
Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) class_path parameter to (a) includes/resa_func.inc.php (b) admin/notices/perso.inc.php, or (c) admin/quo...
Pmb Services Pmb Services
1 EDB exploit
NA
CVE-2024-35968
In the Linux kernel, the following vulnerability has been resolved: pds_core: Fix pdsc_check_pci_health function to use work thread When the driver notices fw_status == 0xff it tries to perform a PCI reset on itself via pci_reset_function() in the context of the driver's hea...
NA
CVE-2014-3347
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote malicious users to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collectio...
Cisco Ios 15.1\\(4\\)m2
Cisco 1802 Integrated Service Router -
Cisco 1803 Integrated Service Router -
Cisco 1801 Integrated Service Router -
Cisco 1811 Integrated Service Router -
Cisco 1812 Integrated Service Router -
Cisco 1841 Integrated Service Router -
Cisco 1861 Integrated Service Router -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »