Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22273
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on ...
NA
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
NA
CVE-2024-31757
An issue in TeraByte Unlimited Image for Windows v.3.64.0.0 and before and fixed in v.4.0.0.0 allows a local malicious user to escalate privileges via the TBOFLHelper64.sys and TBOFLHelper.sys component.
NA
CVE-2024-35056
NASA AIT-Core v2.5.2 exists to contain multiple SQL injection vulnerabilities via the query_packets and insert functions.
NA
CVE-2024-35057
An issue in NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary code via a crafted packet.
NA
CVE-2024-35058
An issue in the API wait function of NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary code via supplying a crafted string.
NA
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
NA
CVE-2024-36052
RARLAB WinRAR prior to 7.00, on Windows, allows malicious users to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899.
NA
CVE-2024-31840
An issue exists in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user access the edit function, the web application fills the edit form with the...
NA
CVE-2024-31845
An issue exists in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to logs. The web application writes logs using a GET query string parameter. This parameter can be modified by an attacker, so that every action he performs...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »