Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-6055
Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and previous versions on Windows allows an attacker that obtains the exported settings to recover powershell credentials configured on the data source via ste...
NA
CVE-2024-6057
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024.1.31.0 and previous versions allows an attacker that has compromised an access to an RDM instance to bypass the vault master password via the offline mode feature.
NA
CVE-2024-5741
Stored XSS in inventory tree rendering in Checkmk prior to 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL)
NA
CVE-2024-23691
CVE-2024-23691
1 Github repository
NA
CVE-2024-6048
Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email attachments. An unauthenticated remote attacker can exploit this vulnerability to inject system commands and execute them on the remote server.
NA
CVE-2024-36277
Improper verification of cryptographic signature issue exists in "FreeFrom - the nostr client" App versions before 1.3.5 for Android and iOS. The affected app cannot detect event data with invalid signatures.
NA
CVE-2024-36279
Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions before 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages (DMs) between use...
NA
CVE-2024-36289
Reusing a nonce, key pair in encryption issue exists in "FreeFrom - the nostr client" App versions before 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages (DMs) between users may be manipulated by a man-in-the-middle attack.
NA
CVE-2024-5650
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, i...
NA
CVE-2024-6047
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »