Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
client vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31081
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered b...
NA
CVE-2024-25503
Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote malicious user to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function.
NA
CVE-2023-35812
An issue exists in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, because of an incomplete fix for CVE-2019-6111 within these specific packages. The fix had only covered cases where an absolute path is passed to scp. When a relative path is used, there is no v...
NA
CVE-2024-26717
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up A while back the I2C HID implementation was split in an ACPI and OF part, but the new OF driver never initialises the client pointer which is dereferenced on pow...
NA
CVE-2024-28836
An issue exists in Mbed TLS 3.5.x prior to 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-...
NA
CVE-2024-30166
In Mbed TLS 3.3.0 up to and including 3.5.2 prior to 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.
NA
CVE-2024-28287
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows malicious users to redirect users to malicious sites via a crafted URL.
NA
CVE-2024-1300
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server ...
NA
CVE-2023-52636
In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes all ...
NA
CVE-2024-1179
TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »