Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2024-32404
Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote malicious users to execute arbitrary code via a crafted payload to the Markup Sandbox feature.
NA
CVE-2024-32406
Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote malicious user to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.
NA
CVE-2024-3154
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.
NA
CVE-2024-22633
Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 exists to contain a remote code execution (RCE) vulnerability via the hprinter parameter. This vulnerability is triggered via a crafted POST request.
NA
CVE-2024-22632
Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 exists to contain a remote code execution (RCE) vulnerability via the hmsg parameter. This vulnerability is triggered via a crafted POST request.
NA
CVE-2024-31755
cJSON v1.7.17 exists to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.
NA
CVE-2024-4163
The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal (IGX). However, it exists that the process was running under root privileges. This allowed the malicious user to read, write, and modify any file in the operating system by utilizing the limit...
NA
CVE-2023-47252
An issue exists in PnpSmm in Insyde InsydeH2O with kernel 5.0 up to and including 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communicatio...
NA
CVE-2024-33672
An issue exists in Veritas NetBackup prior to 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files.
NA
CVE-2024-33673
An issue exists in Veritas Backup Exec prior to 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »