Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34829
CVE-2024-34829: IDOR in Eramba Community version <3.22.0 Issue Summary An IDOR bug was found on /attachments/attachments/download/ API allows abitrary file download, as a result of lacking of user permission control. Issue Impact All existing files in a section, including ...
1 Github repository
NA
CVE-2024-20389
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2023-46842
Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hy...
NA
CVE-2024-31142
Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.or...
NA
CVE-2024-4317
WiltonDB Modified PostgreSQL with Babelfish extensions packaged for Windows and Linux. Link to documentation. News 2024-05-16 WiltonDB 3.3 update (version 8.13.1) is released for Windows and Linux. Bugfixes: this release includes a fix to CVE-2024-4317 from upstream PostgreSQL 1...
1 Github repository
NA
CVE-2024-4760
A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71 microcontrollers allows access to the memory bus via the debug interface even if the security bit is set.
NA
CVE-2024-4999
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote malicious user to execute arbitrary commands with elevated privileges.This issue affects UNITY: up to and including 6.95-2; PRO: up to and including 6.95-1....
NA
CVE-2024-30314
Dreamweaver Desktop versions 21.3 and previous versions are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue doe...
NA
CVE-2024-4992
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_kuliah/aksi_kuliah.php parameter in nim. This vulnerability could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in it.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »