Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4991
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_pass/aksi_pass.php parameter in nama_lengkap. This vulnerability could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in it.
NA
CVE-2024-30288
Adobe Framemaker versions 2020.5, 2022.3 and previous versions are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must o...
NA
CVE-2024-3721
TBK DVR Devices Command Injection (CVE-2024-3721)
NA
CVE-2024-4838
The ConvertPlus plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.26 via deserialization of untrusted input from the 'settings_encoded' attribute of the 'smile_modal' shortcode. This makes it possible for auth...
NA
CVE-2024-35299
In JetBrains YouTrack prior to 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation
NA
CVE-2024-35301
In JetBrains TeamCity prior to 2024.03.1 commit status publisher didn't check project scope of the GitHub App token
NA
CVE-2024-35300
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
NA
CVE-2024-35302
In JetBrains TeamCity prior to 2023.11 stored XSS during restore from backup was possible
NA
CVE-2024-4385
The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 1.8.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
NA
CVE-2024-4400
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plguin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.26.4 due to insufficient input sanitization and output escaping. This makes it ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »