Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-35717
Missing Authorization vulnerability in A WP Life Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow.This issue affects Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow: from n/a up to and including 1.3.9.
NA
CVE-2024-37880
The Kyber reference implementation prior to 9b8d306, when compiled by LLVM Clang up to and including 18.x with some common optimization options, has a timing side channel that allows malicious users to recover an ML-KEM 512 secret key in minutes. This occurs because poly_frommsg ...
NA
CVE-2024-5389
In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises due to the application not properly validating the own...
NA
CVE-2024-2408
The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/...
NA
CVE-2024-4577
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to ...