Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20258
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote malicious user to conduct an XSS attack against a user of the interface. This vulnerability is...
NA
CVE-2024-20392
A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote malicious user to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some para...
NA
CVE-2024-25743
In the Linux kernel up to and including 6.7.2, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.
NA
CVE-2024-20391
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. This vulnerability is due to a lack of authentication on a specific function. A...
NA
CVE-2024-20366
A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator (NSO) could allow an authenticated, local malicious user to elevate privileges to root on an affected device. This vulnerability exists b...
NA
CVE-2024-3182
Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service (EMS) password to be exposed outside of the hawkagent.cfg and hawkevent.cfg...
NA
CVE-2024-4905
A vulnerability classified as critical has been found in Kashipara College Management System 1.0. Affected is an unknown function of the file view_students_each_detail.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. T...
NA
CVE-2024-20369
A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a paramete...
NA
CVE-2024-20383
A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local malicious user to elevate privileges to root on the underlying operating system. The vulnerability is due to an incorrect privilege assignment when specific CLI...
NA
CVE-2024-20257
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote malicious user to conduct an XSS attack against a user of the interface.r This vulnerability is due to insufficient validation of ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »