Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doing vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-37690
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions (such as `MutableHashTableShape`) produce extra output information in the form of a `ShapeAndType` struct. The shapes embedded in this struct a...
Google Tensorflow
Google Tensorflow 2.5.0
Google Tensorflow 2.6.0
2.1
CVSSv2
CVE-2007-0859
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Palm Treo 700p
Palm Treo 650
Palm Treo 680
4.6
CVSSv2
CVE-2020-11286
An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...
Qualcomm Apq8009 -
Qualcomm Apq8009w -
Qualcomm Apq8017 -
Qualcomm Apq8053 -
Qualcomm Apq8064au -
Qualcomm Apq8076 -
Qualcomm Apq8096au -
Qualcomm Ar8151 -
Qualcomm Csr6030 -
Qualcomm Mdm9206 -
Qualcomm Mdm9230 -
Qualcomm Mdm9250 -
Qualcomm Mdm9330 -
Qualcomm Mdm9607 -
Qualcomm Mdm9626 -
Qualcomm Mdm9628 -
Qualcomm Mdm9630 -
Qualcomm Mdm9640 -
Qualcomm Mdm9650 -
Qualcomm Mdm9655 -
Qualcomm Msm8909w -
Qualcomm Msm8937 -
NA
CVE-2024-1442
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
NA
CVE-2024-35947
In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets make sure by removing it, doing pr_err and return -EINVAL instead.
NA
CVE-2022-47407
An issue exists in the fp_masterquiz (aka Master-Quiz) extension prior to 2.2.1, and 3.x prior to 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers.
Master-quiz Project Master-quiz
NA
CVE-2021-47322
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT Fix an Oopsable condition in pnfs_mark_request_commit() when we're putting a set of writes on the commit list to reschedule them after a f...
3.5
CVSSv2
CVE-2020-19048
Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote malicious users to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-ma...
Mybb Mybb 1.8.20
3.5
CVSSv2
CVE-2020-19049
Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote malicious users to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=fo...
Mybb Mybb 1.8.20
3.5
CVSSv2
CVE-2020-18470
Stored cross-site scripting (XSS) vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP reques...
Rukovoditel Rukovoditel 2.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »