Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4267
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the 'open_file' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'open_file' funct...
NA
CVE-2024-27264
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563.
NA
CVE-2024-4453
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but att...
NA
CVE-2024-31895
IBM App Connect Enterprise 12.0.1.0 up to and including 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.
NA
CVE-2024-31893
IBM App Connect Enterprise 12.0.1.0 up to and including 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.
NA
CVE-2024-25738
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 up to and including 9.1 prior to 9.1.1 allows a remote malicious user to overwrite local configuration files to gain access to the administrator panel and achi...
NA
CVE-2024-31904
IBM App Connect Enterprise 11.0.0.1 up to and including 11.0.0.25 and 12.0.1.0 up to and including 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647.
NA
CVE-2024-35627
tileserver-gl up to v4.4.10 exists to contain a cross-site scripting (XSS) vulnerability via the component /data/v3/?key.
NA
CVE-2024-25737
A Server-Side Request Forgery (SSRF) vulnerability in the /Cover/Show route (showAction in CoverController.php) in Open Library Foundation VuFind 2.4 up to and including 9.1 prior to 9.1.1 allows remote malicious users to access internal HTTP servers and perform Cross-Site Script...
NA
CVE_2024_4367
Detect CVE-2024-4367 Quick-and-dirty YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js. Usage $ yara expl_pdfjs_cve_2024_4367.yar poc_generalized_CVE-2024-4367.pdf EXPL_PDFJS_CVE_2024_4367 poc_generalized_CVE-2024-4367.pdf ...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »