Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amirhossein bahramizadeh vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2023-36355
TP-Link TL-WR940N V4 exists to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted GET request.
Tp-link Tl-wr940n Firmware -
9.8
CVSSv3
CVE-2023-33592
Lost and Found Information System v1.0 exists to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information.
Oretnom23 Lost And Found Information System 1.0
1 Github repository
8.8
CVSSv3
CVE-2023-3320
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated malicious users to modify the plu...
Wp Sticky Social Project Wp Sticky Social
1 EDB exploit
8.1
CVSSv3
CVE-2023-28288
Microsoft SharePoint Server Spoofing Vulnerability
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server 2013
Microsoft Sharepoint Server 2016
Microsoft Sharepoint Server -
1 EDB exploit
8.1
CVSSv3
CVE-2020-11027
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with al...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Wordpress Wordpress 5.4
Wordpress Wordpress
7.8
CVSSv3
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions before 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vu...
Dell Encryption
Dell Endpoint Security Suite Enterprise
Dell Security Management Server
7.8
CVSSv3
CVE-2023-28293
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 20h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 1607
Microsoft Windows 11 21h2
1 EDB exploit
7.5
CVSSv3
CVE-2023-30198
Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.
Webbax Winbizpayment
1 EDB exploit
7
CVSSv3
CVE-2023-25187
An issue exists on NOKIA Airscale ASIKA Single RAN devices prior to 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH s...
Nokia Asika Airscale Firmware 19b
Nokia Asika Airscale Firmware 20a
Nokia Asika Airscale Firmware 20b
Nokia Asika Airscale Firmware 20c
Nokia Asika Airscale Firmware 21a
1 EDB exploit
6.1
CVSSv3
CVE-2023-36346
POS Codekop v2.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php.
Codekop Codekop 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »