Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer (.uar file, .zip file) to UTAU, an arbitrary file may be placed.
NA
CVE-2024-27830
I don't have anywhere to put my list of reported bugs, so here they are: March 2024: CVE-2024-27830 August 2022: brave/brave-browser Issue #24681
1 Github repository
NA
CVE-2024-29078
Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and previous versions, which may allow a remote unauthenticated attacker with access to the product to alter the product settings.
NA
CVE-2024-28880
Path traversal vulnerability in MosP kintai kanri V4.6.6 and previous versions allows a remote attacker who can log in to the product to obtain sensitive information of the product.
NA
CVE-2024-36428
OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.
NA
CVE-2024-36426
In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.
NA
CVE-2024-34923
In Avocent DSR2030 Appliance firmware 03.04.00.07 prior to 03.07.01.23, and SVIP1020 Appliance firmware 01.06.00.03 prior to 01.07.00.00, there is reflected cross-site scripting (XSS).
NA
CVE-2024-29415
The ip package up to and including 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomp...
NA
CVE-2024-5084
π HashForm Exploit Script This script demonstrates the exploitation of CVE-2024-5084, a vulnerability in the Hash Form plugin for WordPress, which allows unauthenticated arbitrary file upload leading to remote code execution. π Vulnerability Details Name: CVE-2024-5084 Descripti...
1 Github repository
NA
CVE-2024-35181
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You donβt have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »