Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46694
Vtenext 21.02 allows an authenticated malicious user to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager function...
NA
CVE-2024-28061
An issue exists in Apiris Kafeo 6.4.4. It permits a bypass, of the protection in place, to access to the data stored in the embedded database file.
NA
CVE-2024-35581
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.
NA
CVE-2024-35583
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
NA
CVE-2023-30310
An issue discovered in Comfast Comfast CF-616AC routers allows malicious users to hijack TCP sessions which could lead to a denial of service.
NA
CVE-2024-28060
An issue exists in Apiris Kafeo 6.4.4. It permits DLL hijacking, allowing a user to trigger the execution of arbitrary code every time the product is executed.
NA
CVE-2023-43845
Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged telnet account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the telnet console and gain administrator privileges.
NA
CVE-2023-43846
Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote malicious users to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This in...
NA
CVE-2023-43847
Incorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to control all the outlets as if they were the administrator via HTTP POST requests.
NA
CVE-2023-43850
Improper input validation in the user management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to cause a partial DoS of web interface via HTTP POST request.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »