Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote malicious user to perform a reverse shell on the remote system, compromising the entire infrastructure.
NA
CVE-2024-5408
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote malicious user to steal details of a victim's user session by submitting a specially crafted URL.
NA
CVE-2024-5409
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details.
NA
CVE-2024-5406
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details.
NA
CVE-2024-5405
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via /tools/redis.php page in the k, hash, key and p parameters. This vulnerability could allow a remote user to submit a specially crafted JavaScript payload for an authenticated user to retrieve...
NA
CVE-2023-6349
A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above
NA
CVE-2024-36383
An issue exists in Logpoint SAML Authentication prior to 6.0.3. An attacker can place a crafted filename in the state field of a SAML SSO-URL response, and the file corresponding to this filename will ultimately be deleted. This can lead to a SAML Authentication login outage.
NA
CVE_2022_22947
spring CVE_2022_22947,CVE_2022_22963,CVE_2022_22965 禅道(zentao)QVD_2024_15263 Nacos
1 Github repository
NA
CVE_2022_22963
spring CVE_2022_22947,CVE_2022_22963,CVE_2022_22965 禅道(zentao)QVD_2024_15263 Nacos
1 Github repository
NA
CVE_2022_22965
spring CVE_2022_22947,CVE_2022_22963,CVE_2022_22965 禅道(zentao)QVD_2024_15263 Nacos
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »