Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5663
The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Cards widget in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it poss...
NA
CVE-2024-0444
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability ...
NA
CVE-2024-4956
Shiro 1 Extractor This repository contains a Python script shiro1-extractor.py that will search all .pcl files within a specific directory and extract Apache Shiro 1 hashes from them, then write them to an output file. Usage usage: shiro1-extractor.py [-h] input_dir output_file ...
2 Github repositories
NA
CVE-2023-49223
Precor touchscreen console P62, P80, and P82 could allow a remote malicious user to obtain sensitive information because the root password is stored in /etc/passwd. An attacker could exploit this to extract files and obtain sensitive information.
NA
CVE-2024-36811
An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows malicious users to execute arbitrary code via uploading a crafted PHP file.
NA
CVE-2024-36827
An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of ebookmeta before v1.2.8 allows malicious users to access sensitive information or cause a Denial of Service (DoS) via crafted XML input.
NA
CVE-2024-37388
An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows malicious users to access sensitive information or cause a Denial of Service (DoS) via crafted XML input.
NA
CVE-2024-5745
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It i...
NA
CVE-2024-31959
An issue exists in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution.
NA
CVE-2024-32502
An issue exists in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result in a UAF (Use-After-Free) vulnera...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »