Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34791
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpbean WPB Elementor Addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a up to and including 1.0.9.
NA
CVE-2024-34832
CubeCart - Directory Traversal May Lead To RCE (CVE-2024-34832) TL;DR In the admin panel, parameters such as _g and node are used to construct the path to include .inc.php files and execute PHP code. A malicious user with the ability to upload .inc.php files anywhere on the serve...
1 Github repository
7.8
CVSSv3
CVE-2023-43542
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
6.5
CVSSv3
CVE-2023-43537
Information disclosure while handling T2LM Action Frame in WLAN Host.
8.4
CVSSv3
CVE-2024-23360
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.
NA
CVE-2024-23664
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an malicious user to to redirect users to an arbitrary website via a crafted URL.
6.7
CVSSv3
CVE-2023-43545
Memory corruption when more scan frequency list or channels are sent from the user space.
NA
CVE-2024-23665
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated malicious user to perform unauthorized ADOM operations vi...
NA
CVE-2024-23668
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
NA
CVE-2024-23670
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »