Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4653
A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1 and classified as critical. Affected by this issue is some unknown functionality of the file /xds/outIndex.php. The manipulation of the argument name leads to sql injection. The attack may be launched ...
NA
CVE-2024-25515
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_work_finish_file_down.aspx.
NA
CVE-2024-28889
When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions w...
NA
CVE-2024-25520
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sys_blogtemplate_new.aspx.
NA
CVE-2024-32980
Spin is the developer tool for building and running serverless applications powered by WebAssembly. before 2.4.3, some specifically configured Spin applications that use `self` requests without a specified URL authority can be induced to make requests to arbitrary hosts via the `...
NA
CVE-2024-26579
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 up to and including 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick [1], ...
NA
CVE-2024-25523
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the file_id parameter at /filemanage/file_memo.aspx.
NA
CVE-2024-31156
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an malicious user to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical S...
NA
CVE-2024-33608
When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
NA
CVE-2024-32049
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote malicious user to obtain the BIG-IP Next LTM/WAF instance credentials. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »