Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-29131
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an malicious user to bypass network isolation.
Siemens Simatic Cn 4100
10
CVSSv3
CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml before 1.2023.9.
Plantuml Plantuml
Fedoraproject Fedora 39
10
CVSSv3
CVE-2019-25136
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.
Mozilla Firefox
10
CVSSv3
CVE-2023-2909
EZ Sync service fails to adequately handle user input, allowing an malicious user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.
Asustor Adm
10
CVSSv3
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.
Snapone Orvc
10
CVSSv3
CVE-2023-32314
vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat acto...
Vm2 Project Vm2
3 Github repositories
10
CVSSv3
CVE-2023-2583
Code Injection in GitHub repository jsreport/jsreport before 3.11.3.
Jsreport Jsreport
10
CVSSv3
CVE-2023-2564
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.
Scanservjs Project Scanservjs
10
CVSSv3
CVE-2023-30856
eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 and prior are vulnerable to cross-site websocket hijacking. When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to...
Edex-ui Project Edex-ui
10
CVSSv3
CVE-2021-33970
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows malicious user to escalate priveleges.
Browser.360 Chrome 13.0.2170.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »