Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-38505
In JetBrains YouTrack prior to 2024.2.34646 user access token was sent to the third-party site
NA
CVE-2024-38506
In JetBrains YouTrack prior to 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows
NA
CVE-2024-38507
In JetBrains Hub prior to 2024.2.34646 stored XSS via project description was possible
NA
CVE-2024-5953
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
NA
CVE-2024-5899
When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import") the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManag...
NA
CVE-2024-5533
The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.25.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arb...
NA
CVE-2024-33620
Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker.
NA
CVE-2024-33622
Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated...
NA
CVE-2024-4094
The Simple Share Buttons Adder WordPress plugin prior to 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
NA
CVE-2024-0066
Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. Axis has released patched AXIS OS versions for the high...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »