Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4358
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
3 Github repositories
1 Article
NA
CVE-2023-52881
In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The ACK va...
9.8
CVSSv3
CVE-2024-5150
The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' functio...
NA
CVE-2024-35226
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors sho...
8.6
CVSSv3
CVE-2024-24919
Potentially allowing an malicious user to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Checkpoint Quantum Security Gateway Firmware R80.40
Checkpoint Cloudguard Network Security R81.20
Checkpoint Cloudguard Network Security R81.10
Checkpoint Cloudguard Network Security R81.0
Checkpoint Cloudguard Network Security R80.40
Checkpoint Quantum Security Gateway Firmware R81.20
Checkpoint Quantum Security Gateway Firmware R81.10
Checkpoint Quantum Security Gateway Firmware R81.0
Checkpoint Quantum Spark Firmware R81.10
Checkpoint Quantum Spark Firmware R80.20
38 Github repositories
4 Articles
NA
CVE-2024-35238
Minder by Stacklok is an open source software supply chain security platform. Minder prior to version 0.0.51 is vulnerable to a denial-of-service (DoS) attack which could allow an malicious user to crash the Minder server and deny other users access to it. The root cause of the v...
NA
CVE-2022-4969
A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function count_rows of the file rockhopper/src/ragged_array.c of the component Binary Parser. The manipulation of the argument raw leads to buffer ...
NA
CVE-2024-35231
rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib before 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data `profiler_runs` was not constrained to any limitation. Th...
NA
CVE-2024-35236
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Attacking a user with high privileges (upload, creation of libraries) can lead to remote code...
NA
CVE-2024-35237
MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit 48e3e5e7ead6777fa75d57...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »