Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20876
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local malicious users to lead to memory corruption.
NA
CVE-2024-20884
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local malicious users to use privileged API.
NA
CVE-2024-20885
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local malicious users to make a call without proper permission.
NA
CVE-2024-20886
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows malicious user to create arbitrary directory.
NA
CVE-2024-20887
Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows malicious user to create arbitrary directory.
NA
CVE-2024-5485
The SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Trigger Link shortcode in all versions up to, and including, 1.0.47 due to insufficient input sanitiza...
NA
CVE-2024-3555
The Social Link Pages: link-in-bio landing pages for your social media profiles plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the import_link_pages() function in all versions up to, and including, 1.6.9. This makes it possible for ...
NA
CVE-2024-3230
The Download Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'download-attachments' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attrib...
NA
CVE-2024-2382
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it p...
NA
CVE-2024-0757
The Insert or Embed Articulate Content into WordPress plugin up to and including 4.3000000023 is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »