Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28886
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file (.ust file), an arbitrary OS command may be executed.
NA
CVE-2024-32944
Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU voicebank installer (.uar file, .zip file) to UTAU, an arbitrary file may be placed.
NA
CVE-2024-5084
π HashForm Exploit Script This script demonstrates the exploitation of CVE-2024-5084, a vulnerability in the Hash Form plugin for WordPress, which allows unauthenticated arbitrary file upload leading to remote code execution. π Vulnerability Details Name: CVE-2024-5084 Descripti...
1 Github repository
NA
CVE-2024-35181
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p...
NA
CVE-2024-35182
Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries p...
NA
CVE-2022-4969
A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function count_rows of the file rockhopper/src/ragged_array.c of the component Binary Parser. The manipulation of the argument raw leads to buffer ...
NA
CVE-2024-35236
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Attacking a user with high privileges (upload, creation of libraries) can lead to remote code...
NA
CVE-2024-32978
Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of mod...
NA
CVE-2024-3552
CVE-2024-3552-Poc CVE-2024-3552 Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection Description The Web Directory Free plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.6.9 due to insufficient escaping on a user supplied pa...
1 Github repository
NA
CVE-2024-34477
configureNFS in lib/common/functions.sh in FOG up to and including 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You donβt have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »