Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34947
Quanxun Huiju Network Technology (Beijing) Co.,Ltd IK-Q3000 3.7.10 x64 Build202401261655 exists to be vulnerable to an ICMP redirect attack.
NA
CVE-2024-34948
An issue in Quanxun Huiju Network Technology(Beijing) Co.,Ltd IK-Q3000 3.7.10 x64 Build202401261655 allows malicious users to cause a Denial of Service (DoS) when attempting to make TCP connections.
NA
CVE-2024-24294
A Prototype Pollution issue in Blackprint @blackprint/engine v.0.9.0 allows an malicious user to execute arbitrary code via the _utils.setDeepProperty function of engine.min.js.
NA
CVE-2024-4151
An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unau...
NA
CVE-2024-3482
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
NA
CVE-2024-34952
taurusxin ncmdump v1.3.2 exists to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted .ncm file.
NA
CVE-2024-2835
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
NA
CVE-2024-34953
An issue in taurusxin ncmdump v1.3.2 allows malicious users to cause a Denial of Service (DoS) via memory exhaustion by supplying a crafted .ncm file
NA
CVE-2024-4287
In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be e...
NA
CVE-2023-49330
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »