Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-21478
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.
NA
CVE-2024-23664
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an malicious user to to redirect users to an arbitrary website via a crafted URL.
6.7
CVSSv3
CVE-2023-43544
Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.
6.7
CVSSv3
CVE-2023-43545
Memory corruption when more scan frequency list or channels are sent from the user space.
NA
CVE-2024-23665
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated malicious user to perform unauthorized ADOM operations vi...
NA
CVE-2024-23668
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
NA
CVE-2024-23670
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
NA
CVE-2024-35633
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a up to and including 2.0.42.
NA
CVE-2024-3829
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a de...
NA
CVE-2024-23667
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 up to and including 7.0.4 and 6.3.0 and 6.2.3 up to and including 6.2.4 and 6.0.2 allows malicious user to execute unauthorized code or commands via HTTP requests or CLI.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »