Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29851
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
1 Article
NA
CVE-2023-46807
An SQL Injection vulnerability in web component of EPMM prior to 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.
NA
CVE-2024-29849
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
1 Article
NA
CVE-2024-29852
Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.
NA
CVE-2024-22026
A local privilege escalation vulnerability in EPMM prior to 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance.
1 Github repository
NA
CVE-2023-46806
An SQL Injection vulnerability in a web component of EPMM versions prior to 12.1.0.0 allows an authenticated user with appropriate privilege to access or modify data in the underlying database.
NA
CVE-2024-5040
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
NA
CVE-2024-31894
IBM App Connect Enterprise 12.0.1.0 up to and including 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175.
NA
CVE-2023-51636
Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local malicious users to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in o...
NA
CVE-2024-4267
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the 'open_file' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'open_file' funct...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »