Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doing vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-1698
Allowing long password leads to denial of service in GitHub repository causefx/organizr before 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
Organizr Organizr
8.8
CVSSv3
CVE-2022-1672
The Insights from Google PageSpeed WordPress plugin prior to 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow malicious users to make a logged in admin perform such actions via CSRF attacks
Insights From Google Pagespeed Project Insights From Google Pagespeed
5.4
CVSSv3
CVE-2020-18468
Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM_9.1/index.php/configuration.
Qdpm Qdpm 9.1
5.4
CVSSv3
CVE-2020-18467
Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the General menu via a crafted website name by doing an authenticated POST HTTP request to admin/tags/create.
Bigtreecms Bigtree Cms 4.4.3
6.5
CVSSv3
CVE-2022-1728
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk before 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
Trudesk Project Trudesk
7.8
CVSSv3
CVE-2017-11056
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault.
Google Android 8.0
NA
CVE-2024-26963
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any ...
NA
CVE-2024-1442
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
6.8
CVSSv3
CVE-2020-11286
An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...
Qualcomm Apq8009 -
Qualcomm Apq8009w -
Qualcomm Apq8017 -
Qualcomm Apq8053 -
Qualcomm Apq8064au -
Qualcomm Apq8076 -
Qualcomm Apq8096au -
Qualcomm Ar8151 -
Qualcomm Csr6030 -
Qualcomm Mdm9206 -
Qualcomm Mdm9230 -
Qualcomm Mdm9250 -
Qualcomm Mdm9330 -
Qualcomm Mdm9607 -
Qualcomm Mdm9626 -
Qualcomm Mdm9628 -
Qualcomm Mdm9630 -
Qualcomm Mdm9640 -
Qualcomm Mdm9650 -
Qualcomm Mdm9655 -
Qualcomm Msm8909w -
Qualcomm Msm8937 -
NA
CVE-2007-0859
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Palm Treo 700p
Palm Treo 650
Palm Treo 680
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »