Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29848
An unrestricted file upload vulnerability in web component of Ivanti Avalanche prior to 6.4.x allows an authenticated, privileged user to execute arbitrary commands as SYSTEM.
NA
CVE-2021-44534
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.
NA
CVE-2024-22058
A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older.
NA
CVE-2024-35140
IBM Security Verify Access Docker 10.0.0 up to and including 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.
NA
CVE-2024-35142
IBM Security Verify Access Docker 10.0.0 up to and including 10.0.6 could allow a local user to escalate their privileges due to execution of unnecessary privileges. IBM X-Force ID: 292418.
NA
CVE-2024-36120
javascript-deobfuscator removes common JavaScript obfuscation techniques. In affected versions crafted payloads targeting expression simplification can lead to code execution. This issue has been patched in version 1.1.0. Users are advised to update. Users unable to upgrade shoul...
NA
CVE-2022-25037
An issue in wanEditor v4.7.11 and fixed in v.4.7.12 and v.5 exists to contain a cross-site scripting (XSS) vulnerability via the image upload function.
NA
CVE-2022-25038
wanEditor v4.7.11 exists to contain a cross-site scripting (XSS) vulnerability via the video upload function.
NA
CVE-2024-28736
An issue in Debezium Community debezium-ui v.2.5 allows a local malicious user to execute arbitrary code via the refresh page function.
NA
CVE-2023-7073
The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.0 via the upload_to_library AJAX action. This makes it possible for authenticated attackers, with author-level access and abov...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »