Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
better comments vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-2404
The Better Comments WordPress plugin prior to 1.5.6 does not sanitise and escape some of its settings, which could allow low privilege users such as Subscribers to perform Stored Cross-Site Scripting attacks.
Utopique Better Comments
NA
CVE-2024-2402
The Better Comments WordPress plugin prior to 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multis...
8.6
CVSSv3
CVE-2024-24919
Potentially allowing an malicious user to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Checkpoint Quantum Security Gateway Firmware R80.40
Checkpoint Cloudguard Network Security R81.20
Checkpoint Cloudguard Network Security R81.10
Checkpoint Cloudguard Network Security R81.0
Checkpoint Cloudguard Network Security R80.40
Checkpoint Quantum Security Gateway Firmware R81.20
Checkpoint Quantum Security Gateway Firmware R81.10
Checkpoint Quantum Security Gateway Firmware R81.0
Checkpoint Quantum Spark Firmware R81.10
Checkpoint Quantum Spark Firmware R80.20
37 Github repositories
4 Articles
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
150 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started