Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-37694
ArcGIS Enterprise Server 10.8.0 allows a remote malicious user to obtain sensitive information because /arcgis/rest/services does not require authentication.
NA
CVE-2014-5470
Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation.
1 EDB exploit
NA
CVE-2020-27352
When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself ...
NA
CVE-2023-45673
Joplin is a free, open source note taking and to-do application. A remote code execution (RCE) vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code executio...
NA
CVE-2023-38506
Joplin is a free, open source note taking and to-do application. A Cross-site Scripting (XSS) vulnerability allows pasting untrusted data into the rich text editor to execute arbitrary code. HTML pasted into the rich text editor is not sanitized (or not sanitized properly). As su...
NA
CVE-2023-39517
Joplin is a free, open source note taking and to-do application. A Cross site scripting (XSS) vulnerability in affected versions allows clicking on an untrusted image link to execute arbitrary shell commands. The HTML sanitizer (`packages/renderer/htmlUtils.ts::sanitizeHtml`) pre...
NA
CVE-2023-37898
Joplin is a free, open source note taking and to-do application. A Cross-site Scripting (XSS) vulnerability allows an untrusted note opened in safe mode to execute arbitrary code. `packages/renderer/MarkupToHtml.ts` renders note content in safe mode by surrounding it with <pre...
NA
CVE-2024-38379
CVE-2024-38379: Apache Allura: Stored authenticated XSS
NA
CVE-2024-35537
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 exists to insecurely handle the RSA key pair, allowing malicious users to possibly access sensitive information via decryption.
NA
CVE-2024-37671
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote malicious user to execute arbitrary code via the page parameter.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »