Vulmon
Vulnerabilities by relevance
6.8
CVSSv2
CVE-2021-21122
Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....
Google Chrome
Microsoft Edge Chromium
1 Github repository available
3.5
CVSSv2
CVE-2021-24481
The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS payloads in it...
Any Hostname Project Any Hostname
7.2
CVSSv2
CVE-2021-22418
A component of HarmonyOS has an Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting....
Huawei Harmonyos 2.0
4.3
CVSSv2
CVE-2021-36703
The "blog title" field in the "Settings" menu "config" page of "dashboard" in htmly 2.8.1 has a stored cross-site scripting (XSS) vulnerability. It allows remote attackers to send an authenticated post HTTP request to admin/config and...
Htmly Htmly 2.8.1
4.3
CVSSv2
CVE-2021-24014
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters....
Fortinet Fortisandbox
4.3
CVSSv2
CVE-2021-38115
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file....
Libgd Libgd
2 Github repositories available
7.5
CVSSv2
CVE-2021-36622
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is vulnerable to Arbitrary File Upload. The admin panel has a profile photo upload function accessible at localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php...
Online Covid Vaccination Scheduler System Project Online Covid Vaccination Scheduler System 1.0
9
CVSSv2
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands...
Fortinet Fortiportal
9
CVSSv2
CVE-2021-29696
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request....
Ibm Cloud Pak For Security 1.5.0.0
Ibm Cloud Pak For Security 1.5.0.1
Ibm Cloud Pak For Security 1.6.0.0
Ibm Cloud Pak For Security 1.6.1.0
Ibm Cloud Pak For Security 1.7.0.0
Ibm Cloud Pak For Security 1.7.1.0
7.5
CVSSv2
CVE-2021-37558
A SQL injection vulnerability in a MediaWiki script in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote unauthenticated attackers to execute arbitrary SQL commands via the host_name and service_description parameters. The vulnerability can be exploited only when a...
Centreon Centreon