Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23110
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, 6.0 all versions allows malicious user to execute unau...
NA
CVE-2024-23111
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may a...
NA
CVE-2024-31495
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiPortal versions 7.0.0 up to and including 7.0.6 and version 7.2.0 allows privileged user to obtain unauthorized information via the report download functionality.
NA
CVE-2024-37161
MeterSphere is an open source continuous testing platform. Prior to version 1.10.1-lts, the system's step editor stores cross-site scripting vulnerabilities. Version 1.10.1-lts fixes this issue.
NA
CVE-2024-37294
Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-...
NA
CVE-2024-37295
Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then be executed in the context of the web ser...
NA
CVE-2024-37296
The Aimeos HTML client provides Aimeos HTML components for e-commerce projects. Starting in version 2020.04.1 and prior to versions 2020.10.27, 2021.10.21, 2022.10.12, 2023.10.14, and 2024.04.5, digital downloads sold in online shops can be downloaded without valid payment, e.g. ...
NA
CVE-2024-26010
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 up to and including 1.1.2, 1.0.0 up to and including 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 up to and including 7.2.3, 7.0.1 up to and including 7.0.3, FortiOS version 7.4.0 up ...
NA
CVE-2024-35235
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and previous versions, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an...
NA
CVE-2024-35628
Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a up to and including 1.8.24.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »