Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2024-32206
A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter.
NA
CVE-2024-32650
Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a `close_notify` message immediately after `client_hello`, the server's `com...
NA
CVE-2024-31841
An issue exists in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated malicious users to read arbitrary files on the filesystem.
NA
CVE-2023-37396
IBM Aspera Faspex 5.0.0 up to and including 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.
NA
CVE-2023-22869
IBM Aspera Faspex 5.0.0 up to and including 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.
NA
CVE-2024-31587
SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower allows an unauthenticated malicious user to download device configuration files via a crafted request.
NA
CVE-2024-32038
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is ...
NA
CVE-2024-3646
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the instance when configuring the chat integration. Exploitation of this vulnerability required access t...
NA
CVE-2024-32478
Git Credential Manager (GCM) is a secure Git credential helper. before 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system can replace binary and gain other users' privileges. This vulnerability is fixed in 2...
NA
CVE-2024-3684
A server side request forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin access to the appliance when configuring the Artifacts & Logs and Migrations Storage. Exploitation of th...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »