Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-29130
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete dev...
Siemens Simatic Cn 4100
10
CVSSv3
CVE-2023-3432
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml before 1.2023.9.
Plantuml Plantuml
Fedoraproject Fedora 39
10
CVSSv3
CVE-2019-25136
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.
Mozilla Firefox
10
CVSSv3
CVE-2023-2909
EZ Sync service fails to adequately handle user input, allowing an malicious user to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.
Asustor Adm
10
CVSSv3
CVE-2023-31241
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.
Snapone Orvc
10
CVSSv3
CVE-2023-32314
vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat acto...
Vm2 Project Vm2
3 Github repositories
10
CVSSv3
CVE-2023-2583
Code Injection in GitHub repository jsreport/jsreport before 3.11.3.
Jsreport Jsreport
10
CVSSv3
CVE-2023-2564
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.
Scanservjs Project Scanservjs
10
CVSSv3
CVE-2023-30856
eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 and prior are vulnerable to cross-site websocket hijacking. When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to...
Edex-ui Project Edex-ui
10
CVSSv3
CVE-2021-33970
Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows malicious user to escalate priveleges.
Browser.360 Chrome 13.0.2170.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »