Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4267
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the 'open_file' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'open_file' funct...
NA
CVE-2023-51637
Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Sante PACS Server PG. Authentication is not required to exploit this vulnerability. The s...
NA
CVE-2024-4454
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local malicious users to escalate privileges on affected installations of WithSecure Elements Endpoint Protection. User interaction on the part of an adminis...
NA
CVE-2024-4453
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but att...
NA
CVE-2024-31894
IBM App Connect Enterprise 12.0.1.0 up to and including 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175.
NA
CVE-2024-25738
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 up to and including 9.1 prior to 9.1.1 allows a remote malicious user to overwrite local configuration files to gain access to the administrator panel and achi...
NA
CVE-2024-31904
IBM App Connect Enterprise 11.0.0.1 up to and including 11.0.0.25 and 12.0.1.0 up to and including 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647.
NA
CVE-2024-35627
tileserver-gl up to v4.4.10 exists to contain a cross-site scripting (XSS) vulnerability via the component /data/v3/?key.
NA
CVE-2024-25737
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 up to and including 9.1 prior to 9.1.1 allows remote malicious users to access internal HTTP servers and perform Cross-Site Script...
NA
CVE-2024-31893
IBM App Connect Enterprise 12.0.1.0 up to and including 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »