Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
connections vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32458
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP before 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default,...
NA
CVE-2024-32039
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP before 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` optio...
NA
CVE-2024-29733
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() ...
NA
CVE-2023-50260
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This vulnerability...
NA
CVE-2024-30107
HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.
NA
CVE-2024-23557
HCL Connections contains a user enumeration vulnerability. Certain actions could allow an malicious user to determine if the user is valid or not, leading to a possible brute force attack.
NA
CVE-2024-3572
The scrapy/scrapy project is vulnerable to XML External Entity (XXE) attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows malicious users to perform denial of service attacks, access local files, gener...
5.9
CVSSv3
CVE-2024-31497
In PuTTY 0.68 up to and including 0.80 prior to 0.81, biased ECDSA nonce generation allows an malicious user to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to ...
Putty Putty
Filezilla-project Filezilla Client
Winscp Winscp
Tortoisegit Tortoisegit
Tigris Tortoisesvn
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
4 Github repositories
2 Articles
5.3
CVSSv3
CVE-2024-30390
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based malicious user to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked beca...
NA
CVE-2024-3652
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »