Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5063
A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be init...
NA
CVE-2024-3292
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus Agent host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host. - CVE-2024-3292
NA
CVE-2024-3289
When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions before 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-defau...
NA
CVE-2024-3291
When installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions before 10.6.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in t...
NA
CVE-2024-35190
Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1.
NA
CVE-2024-3290
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host
NA
CVE-2023-5597
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an malicious user to execute arbitrary script code.
NA
CVE-2024-22429
Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.
NA
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).
NA
CVE-2024-4998
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-4566. Reason: This candidate is a reservation duplicate of CVE-2024-4566. Notes: All CVE users should reference CVE-2024-4566 instead of this candidate. All references and descriptions in this ca...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »