Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25736
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. Remote attackers can restart the device via a /device/reboot GET request.
NA
CVE-2024-25737
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 up to and including 9.1 prior to 9.1.1 allows remote malicious users to access internal HTTP servers and perform Cross-Site Script...
NA
CVE-2024-25738
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 up to and including 9.1 prior to 9.1.1 allows a remote malicious user to overwrite local configuration files to gain access to the administrator panel and achi...
5.5
CVSSv3
CVE-2024-25739
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel up to and including 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
Linux Linux Kernel
NA
CVE-2024-2574
A vulnerability classified as critical was found in SourceCodester Employee Task Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit-task.php. The manipulation of the argument task_id leads to authorization bypass. The attack can be...
5.5
CVSSv3
CVE-2024-25740
A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel up to and including 6.7.4 for UBI_IOCATT, because kobj->name is not released.
Linux Linux Kernel
NA
CVE-2024-25742
In the Linux kernel prior to 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
NA
CVE-2024-25743
In the Linux kernel up to and including 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.
NA
CVE-2024-25744
In the Linux kernel prior to 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c.
NA
CVE-2024-25746
Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote malicious user to execute arbitrary code via the add_white_node function.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »