Vulmon
x vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-51714
An issue exists in the HTTP2 implementation in Qt prior to 5.15.17, 6.x prior to 6.2.11, 6.3.x up to and including 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
Qt Qt
9.8
CVSSv3
CVE-2023-42017
IBM Planning Analytics Local 2.0 could allow a remote malicious user to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, whic...
Ibm Planning Analytics 2.0
9.8
CVSSv3
CVE-2023-51707
MotionPro in Array ArrayOS AG prior to 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
Arraynetworks Arrayos Ag
9.8
CVSSv3
CVE-2023-50993
Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 contain a command injection vulnerability via the function downFiles.
Ruijie Rg-ws6008 Firmware 11.9(6)w3b2 G2c6-01 10221911
Ruijie Rg-ws6108 Firmware 11.9(6)w3b2 G2c6-01 10221911
9.8
CVSSv3
CVE-2023-35895
IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to a remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116.
Ibm Informix Jdbc 4.50
Ibm Informix Jdbc 4.10
9.8
CVSSv3
CVE-2023-50976
Redpanda prior to 23.1.21 and 23.2.x prior to 23.2.18 has missing authorization checks in the Transactions API.
Redpanda Redpanda
9.8
CVSSv3
CVE-2023-49934
An issue exists in SchedMD Slurm 23.11.x. There is SQL Injection against the SlurmDBD database. The fixed version is 23.11.1.
Schedmd Slurm 23.11
9.8
CVSSv3
CVE-2023-49937
An issue exists in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
Schedmd Slurm
Schedmd Slurm 23.11
9.8
CVSSv3
CVE-2023-41117
An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. It contains packages, standalone packages, and functions that run SECURITY DEFINER but are inadequatel...
Enterprisedb Postgres Advanced Server
9.8
CVSSv3
CVE-2023-2449
The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (userpro_process_form). The func...
Userproplugin Userpro