Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2023-25341
A Directory Traversal vulnerability in ladle dev server 2.5.1 and previous versions allows an attacker on the same network to read files accessible to the user via GET requests.
NA
CVE-2024-23727
The YI Smart Kami Vision com.kamivision.yismart application up to and including 1.0.0_20231219 for Android allows a remote malicious user to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.
NA
CVE-2024-25506
Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker prior to 4.0 allows a remote malicious user to run arbitrary code via control of the pm_sys_sys cookie.
NA
CVE-2024-28090
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp.
NA
CVE-2024-28091
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managed_services_add.asp (the victim must click an X for a deletion).
NA
CVE-2024-28713
An issue in Mblog Blog system v.3.5.0 allows an malicious user to execute arbitrary code via a crafted file to the theme management feature.
NA
CVE-2024-31063
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote malicious user to execute arbitrary code via the Email input field.
NA
CVE-2024-2947
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
NA
CVE-2024-25946
Dell vApp Manager, versions before 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
NA
CVE-2024-25955
Dell vApp Manager, versions before 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »