Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34001
Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.
NA
CVE-2024-33996
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to.
NA
CVE-2024-34000
ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.
4 Articles
NA
CVE-2024-36844
libmodbus v3.1.6 exists to contain a use-after-free via the ctx->backend pointer. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
NA
CVE-2024-33999
The referrer URL used by MFA required additional sanitizing, rather than being used directly.
NA
CVE-2024-36843
libmodbus v3.1.6 exists to contain a heap overflow via the modbus_mapping_free() function.
NA
CVE-2024-33997
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation.
NA
CVE-2024-36845
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows malicious users to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
NA
CVE-2024-33998
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.
NA
CVE-2024-4367
PDF.js Vulnerability Demo Project This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367 Getting Things Running Fork and clone from this repository npm install npm run dev ...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »