Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2022-26909
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Microsoft Edge Chromium
4.4
CVSSv2
CVE-2022-26938
Storage Spaces Direct Elevation of Privilege Vulnerability
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022
NA
CVE-2022-2694
A vulnerability was found in SourceCodester Company Website CMS and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be use...
Company Website Cms Project Company Website Cms -
NA
CVE-2022-2696
The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to authorization bypass via several AJAX actions in versions up to, and including 2.3.0 due to missing capability checks and missing nonce validation. This makes it possi...
Oracle Restaurant Menu - Food Ordering System - Table Reservation
5.8
CVSSv2
CVE-2022-26960
connector.minimal.php in std42 elFinder up to and including 2.1.60 is affected by path traversal. This allows unauthenticated remote malicious users to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
Std42 Elfinder
5
CVSSv2
CVE-2022-26975
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing log files without authentication.
Barco Control Room Management Suite
6.5
CVSSv2
CVE-2022-26982
SimpleMachinesForum 2.1.1 and previous versions allows remote authenticated administrators to execute arbitrary code by inserting a vulnerable php code because the themes can be modified by an administrator. NOTE: the vendor's position is that administrators are intended to ...
Simplemachines Simple Machines Forum
8.5
CVSSv2
CVE-2022-26986
SQL Injection in ImpressCMS 1.4.3 and previous versions allows remote malicious users to inject into the code in unintended way, this allows an malicious user to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can...
Impresscms Impresscms
7.2
CVSSv2
CVE-2022-26987
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.
Tp-link Tl-wdr7660 Firmware 2.0.30
Tp-link Tl-wdr7661 Firmware -
Tp-link Tl-wdr7620 Firmware -
Tp-link Tl-wdr5660 Firmware -
Mercusys Mercury D196g Firmware 20200109 2.0.4
Fastcom Fac1900r Firmware 20190827 2.0.2
NA
CVE-2022-2699
A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched rem...
Simple E-learning System Project Simple E-learning System -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »