Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
development system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4956
Shiro 1 Extractor This repository contains a Python script shiro1-extractor.py that will search all .pcl files within a specific directory and extract Apache Shiro 1 hashes from them, then write them to an output file. Usage usage: shiro1-extractor.py [-h] input_dir output_file ...
2 Github repositories
NA
CVE-2024-4577
CVE-2024-4577 PoC Exploit Welcome to the official repository for the CVE-2024-4577 Proof of Concept (PoC) exploit. This project showcases a sophisticated vulnerability exploitation technique that leverages crafted PHP code to execute arbitrary commands on systems vulnerable to CV...
18 Github repositories
1 Article
NA
CVE-2024-27130
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5....
2 Github repositories
2 Articles
NA
CVE_2024_3094
Ansible role cve_2024_3094 Check xz vulnerability (cve_2024_3094) on your system. GitHub Version Issues Pull Requests Downloads Example Playbook This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release. --- - nam...
1 Github repository
NA
CVE-2024-31993
Mealie is a self hosted recipe manager and meal planner. before 1.4.0, the scrape_image function will retrieve an image based on a user-provided URL, however the provided URL is not validated to point to an external location and does not have any enforced rate limiting. The respo...
NA
CVE-2024-25129
The CodeQL CLI repo holds binaries for the CodeQL command line interface (CLI). Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process eith...
NA
CVE-2023-50358
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 2...
1 Github repository
2 Articles
NA
CVE-2024-24823
Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, even if for different user credentials. In this case, the pre-existing session coul...
Graylog Graylog
NA
CVE-2024-22380
Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version) March, Heisei 31 era edition Ver.14.0.001.002 and previous versions improperly restricts XML external entity references (XXE). By processing a ...
Maff Electronic Delivery Check System
NA
CVE-2023-48375
SmartStar Software CWS is a web-based integration platform, it has a vulnerability of missing authorization and users are able to access data or perform actions that they should not be allowed to perform via commands. An authenticated with normal user privilege can execute admini...
Csharp Cws Collaborative Development Platform 10.25
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »