Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-member vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-6547
Mattermost fails to validate team membership when a user attempts to access a playbook, allowing a user with permissions to a playbook but no permissions to the team the playbook is on to access and modify the playbook. This can happen if the user was once a member of the team, g...
Mattermost Mattermost Server
5.4
CVSSv3
CVE-2023-22462
Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user in...
Grafana Grafana
5.4
CVSSv3
CVE-2021-24128
Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions prior to 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker (contributor+) to inject arbitrary web script or HTML via the 'Descript...
Wpdarko Team Members
5.4
CVSSv3
CVE-2017-1000482
A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page.
Plone Plone
Plone Plone 5.1
5.3
CVSSv3
CVE-2023-40179
Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is...
Silverwaregames Silverwaregames
5.3
CVSSv3
CVE-2022-29526
Go prior to 1.17.10 and 1.18.x prior to 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Golang Go
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Beegfs Csi Driver -
5
CVSSv3
CVE-2019-10153
A flaw exists in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying s...
Clusterlabs Fence-agents
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux 8.0
4.9
CVSSv3
CVE-2017-14023
An Improper Input Validation issue exists in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the admini...
Siemens Simatic Pcs7 8.1
Siemens Simatic Wincc 7.3
Siemens Simatic Pcs7 8.2
4.7
CVSSv3
CVE-2016-8405
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requi...
Linux Linux Kernel 3.18
Linux Linux Kernel 3.10
4.4
CVSSv3
CVE-2017-5551
The simple_set_acl function in fs/posix_acl.c in the Linux kernel prior to 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on ex...
Linux Linux Kernel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »