Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
github.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29269
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows malicious users to run arbitrary system commands via the Cmd parameter.
2 Github repositories
NA
CVE_2023_36664
Ghostscript command injection vulnerability PoC (CVE-2023-36664) Vulnerability disclosed in Ghostscript prior to version 10.01.2 leads to code execution (CVSS score 9.8). Official vulnerability description: Artifex Ghostscript through 10.01.2 mishandles permission validation for...
1 Github repository
NA
CVE-2024-29195
The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer ove...
NA
CVE-2024-29041
Express.js minimalist web framework for node. Versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express ...
NA
CVE_2022_21882
OSEP-Notes Initial Access HTA Fileless Initial Access Reverse Shell (AppLocker + CLM + Defender Bypass) Scenario: You can make a user execute your malicious HTA files, but AppLocker, CLM, and Defender block all payloads. To get a fileless reverse shell, one method that worked for...
1 Github repository
NA
CVE-2024-1394
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs?. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey? and...
NA
CVE-2024-22412
ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse/clickhouse version 23.1. Query caching bypasses the role based access controls and the policies being ...
NA
CVE_2021_38647
CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2021-38647 AKA OMIGOD exploit attempts. https://corelight.com/blog/detecting-cve-2021-38647-omigod https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure https://msrc.microsoft.com/update-guide/v...
1 Github repository
NA
CVE-2024-26580
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 up to and including 1.10.0, the attackers can use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cher...
NA
CVE-2021-47096
In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. Th...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »