Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3104
A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper handling of environment variables. Attackers can exploit this vulnerability by injecting arbitrary environment variables via the `POST /api/system/update-env` endpoint, which allows for the...
NA
CVE-2024-5256
Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to ex...
NA
CVE-2024-5268
Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to e...
NA
CVE-2024-5267
Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit t...
NA
CVE-2024-2914
A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. This vulnerability allows an malicious user to manipulate file paths within tar archives to overwrite arbitrary files on the target system. Exploitation of this vulner...
NA
CVE-2024-1879
A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows malicious users to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving instructions, enabling a...
NA
CVE-2024-4941
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as J...
NA
CVE-2024-5507
Luxion KeyShot Viewer KSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vuln...
NA
CVE-2024-5302
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that th...
NA
CVE-2024-5452
A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »