Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4842
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: Not a vulnerability
NA
CVE-2024-35228
Wagtail is an open source content management system built on Django. Due to an improperly applied permission check in the `wagtail.contrib.settings` module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and updat...
NA
CVE-2024-2422
LenelS2 NetBox access control and event monitoring system exists to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an malicious user to execute malicious commands.
NA
CVE-2024-35469
A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows malicious users to execute arbitrary SQL commands via the password parameter.
1 Github repository
NA
CVE-2024-35468
A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows malicious users to execute arbitrary SQL commands via the password parameter.
1 Github repository
NA
CVE-2024-2421
LenelS2 NetBox access control and event monitoring system exists to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an malicious user to execute malicious commands with elevated permissions.
NA
CVE-2024-35433
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user.
NA
CVE-2024-2420
LenelS2 NetBox access control and event monitoring system exists to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an malicious user to bypass authentication requirements.
NA
CVE-2024-5271
Fuji Electric Monitouch V-SFT
NA
CVE-2024-35350
A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »