Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2024-0043
In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitat...
NA
CVE-2024-25514
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the template_id parameter at /SysManage/wf_template_child_field_list.aspx.
NA
CVE-2024-4558
Use after free in ANGLE in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
NA
CVE-2024-25509
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_file_download.aspx.
NA
CVE-2024-4559
Heap buffer overflow in WebAudio in Google Chrome before 124.0.6367.155 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
NA
CVE-2024-34315
CmsEasy v7.7.7.9 exists to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows malicious users to read arbitrary files.
NA
CVE-2024-34314
CmsEasy v7.7.7.9 exists to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. This vulnerability allows malicious users to read arbitrary files.
NA
CVE-2024-25511
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_new.aspx.
NA
CVE-2024-25513
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the file_id parameter at /CorporateCulture/kaizen_download.aspx.
NA
CVE-2024-25510
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_show.aspx.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »