Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4998
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-4566. Reason: This candidate is a reservation duplicate of CVE-2024-4566. Notes: All CVE users should reference CVE-2024-4566 instead of this candidate. All references and descriptions in this ca...
NA
CVE-2024-5072
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.11.0 and previous versions allows an authenticated user with access to the PAM JIT elevation feature to manipulate the LDAP filter query via a specially crafted request.
NA
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).
NA
CVE-2024-34241
A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course notifications.
NA
CVE-2024-31974
The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote malicious user to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web cont...
NA
CVE-2024-22429
Dell BIOS contains an Improper Input Validation vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to arbitrary code execution.
NA
CVE-2024-5051
A vulnerability has been found in SourceCodester Gas Agency Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The ex...
NA
CVE-2024-35846
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with cgroup_disable=memory Christian reports a NULL deref in zswap that he bisected down to the zswap shrinker. The issue also cropped up in the bug trackers of libguestfs [1] a...
NA
CVE-2024-35847
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. This hap...
NA
CVE-2024-35848
In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. If another driver accesses the nvmem d...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »