Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5267
Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit t...
NA
CVE-2024-5302
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that th...
NA
CVE-2024-5452
A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify...
NA
CVE-2024-5505
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is re...
NA
CVE-2024-4325
A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL,...
NA
CVE-2024-30369
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local malicious users to escalate privileges on affected installations of A10 Thunder ADC. An attacker must first obtain the ability to execute low-privileged code ...
NA
CVE-2024-36736
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed.
NA
CVE-2024-36737
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows malicious users to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.full parameter.
NA
CVE-2024-4889
A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in the eval function within the secret management system. This vulnerability requires a valid Google KMS configuration file to be exploitable. Specificall...
NA
CVE-2024-5256
Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to ex...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »