Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4317
Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdro...
NA
CVE-2024-28276
[Suggested description] Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting (XSS) via add-task.php?task_name= component. [Vulnerability Type] Cross Site Scripting (XSS) [Vendor of Product] Sourcecodester [Affected Product Code Base] Sourcecodester Scho...
1 Github repository
NA
CVE-2024-28277
[Suggested description] In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subject_name= parameter, enabling Stored Cross-Site Scripting (XSS) attacks. This vulnerability allows attackers to manipulate the subject's name, leading the execut...
1 Github repository
NA
CVE-2024-3744
[kubernetes] CVE-2024-3744: azure-file-csi-driver discloses service account tokens in logs
NA
CVE-2024-34365
CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access
NA
CVE-2024-27393
Xen Security Advisory 457 v3 (CVE-2024-27393) - Linux/xen-netfront: Memory leak due to missing cleanup function
NA
CVE-2024-4671
Google fixes fifth Chrome zero-day exploited in attacks this year
1 Article
NA
CVE-2024-34481
Drupal-Wiki versions 8.30 and 8.31 suffer from multiple persistent cross site scripting vulnerabilities.
NA
CVE-2024-26517
[Suggested description] SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component. [Vulnerability Type] SQL Injection [Vendor of Product] Sourcecodester [Affected Pro...
1 Github repository
NA
CVE-2024-3661
TunnelVision: Decloaking Routing-Based VPNs CVE-2024-3661 TunnelVision is a local network VPN leaking technique that allows an attacker to read, drop, and sometimes modify VPN traffic from a targets on the local network. This technique does not activate kill-switches and does not...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »