github.com vulnerabilities and exploits
9.8
CVSSv3
CVE-2019-1010178
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixe...
Modx Fred 1.0.0
7.5
CVSSv3
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgra...
Apache Inlong
6.5
CVSSv3
CVE-2023-31101
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.5.0 up to and including 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade...
Apache Inlong 1.5.0
Apache Inlong 1.6.0
NA
CVE-2024-26152
Summary: On all Label Studio versions before 1.11.0, data imported via file upload feature is not properly sanitized prior to being rendered within a [`Choices`](https://labelstud.io/tags/choices) or [`Labels`](https://labelstud.io/tags/labels) tag, resulting in an XSS vulnera...
9.8
CVSSv3
CVE-2022-0664
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker before 0.8.5, 0.9.4, 0.10.0, 0.10.1.
Gravitl Netmaker
NA
CVE-2024-3727
A flaw was found in the github.com/containers/image library. This flaw allows malicious users to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
7.5
CVSSv3
CVE-2023-31064
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. The user in InLong could cancel an application that doesn't belong to it. Users are advised ...
Apache Inlong
9.1
CVSSv3
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advi...
Apache Inlong
7.5
CVSSv3
CVE-2023-31103
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InL...
Apache Inlong
NA
CVE-2023-32302
Rejected reason: Authoritative user requested CVE rejection https://github.com/github/advisory-database/pull/2575#issuecomment-1745811653