Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heyder andrade vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-24112
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed ...
Apache Apisix
11 Github repositories
5
CVSSv2
CVE-2009-2335
WordPress and WordPress MU prior to 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, ind...
Wordpress Wordpress
Wordpress Wordpress Mu
1 EDB exploit
3 Github repositories
7.5
CVSSv2
CVE-2022-1388
On F5 BIG-IP 16.1.x versions before 16.1.2.2, 15.1.x versions before 15.1.5.1, 14.1.x versions before 14.1.4.6, 13.1.x versions before 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reac...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
83 Github repositories
4 Articles
NA
CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 before 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.
Gitlab Gitlab
1 Metasploit module
5 Github repositories
NA
CVE-2022-40684
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 up to and including 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy
Fortinet Fortios
1 Metasploit module
30 Github repositories
2 Articles
NA
CVE-2023-32707
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by...
Splunk Splunk Cloud Platform
Splunk Splunk
1 Metasploit module
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started