Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4956
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated malicious user to read system files. Fixed in version 3.68.1.
NA
CVE-2024-4603
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parame...
NA
CVE-2024-34582
Sunhillo SureLine up to and including 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi userid_change XSS within the Forgot Password feature.
1 Github repository
NA
CVE-2024-34829
CVE-2024-34829: IDOR in Eramba Community version <3.22.0 Issue Summary An IDOR bug was found on /attachments/attachments/download/ API allows abitrary file download, as a result of lacking of user permission control. Issue Impact All existing files in a section, including ...
1 Github repository
NA
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2024-20389
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper aut...
NA
CVE-2024-4999
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote malicious user to execute arbitrary commands with elevated privileges.This issue affects UNITY: up to and including 6.95-2; PRO: up to and including 6.95-1....
7.8
CVSSv3
CVE-2024-30292
Adobe Framemaker versions 2020.5, 2022.3 and previous versions are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...
5.5
CVSSv3
CVE-2024-30286
Adobe Framemaker versions 2020.5, 2022.3 and previous versions Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this iss...
6.4
CVSSv3
CVE-2024-4580
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »