Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
84 Github repositories
6 Articles
9.9
CVSSv3
CVE-2023-26489
wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit eff...
Bytecodealliance Wasmtime 6.0.0
Bytecodealliance Wasmtime 5.0.0
Bytecodealliance Wasmtime
Bytecodealliance Cranelift-codegen 0.93.0
Bytecodealliance Cranelift-codegen 0.92.0
Bytecodealliance Cranelift-codegen
9.8
CVSSv3
CVE-2024-23653
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use th...
Mobyproject Buildkit
3 Github repositories
9.8
CVSSv3
CVE-2022-41731
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402...
Ibm Watson Knowledge Catalog On Cloud Pak For Data 4.5.0
9.8
CVSSv3
CVE-2022-43755
A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions before 2.6.10; Rancher versions before 2.7.1.
Suse Rancher
9.8
CVSSv3
CVE-2022-34442
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP us...
Dell Emc Secure Connect Gateway Policy Manager
9.8
CVSSv3
CVE-2022-34441
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin p...
Dell Emc Secure Connect Gateway Policy Manager
9.8
CVSSv3
CVE-2022-34440
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin pr...
Dell Emc Secure Connect Gateway Policy Manager
9.8
CVSSv3
CVE-2022-42785
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.
Wut At-modem-emulator Firmware
Wut Com-server \\+\\+ Firmware
Wut Com-server 20ma Firmware
Wut Com-server Highspeed 100basefx Firmware
Wut Com-server Highspeed 100baselx Firmware
Wut Com-server Highspeed 19\\\" 1port Firmware
Wut Com-server Highspeed 19\\\" 4port Firmware
Wut Com-server Highspeed Compact Firmware
Wut Com-server Highspeed Industry Firmware
Wut Com-server Highspeed Isolated Firmware
Wut Com-server Highspeed Oem Firmware
Wut Com-server Highspeed Office 1port Firmware
Wut Com-server Highspeed Office 4port Firmware
Wut Com-server Highspeed Poe Firmware
Wut Com-server Highspeed Lc Firmware
Wut Com-server Highspeed Ul Firmware
Wut Com-server Highspeed Poe 3x Isolated Firmware
9.8
CVSSv3
CVE-2022-2025
an attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it doesn't check the param length before use the strcopy instruction. The explotation of this vulnerability may lead an malicious user to execute a shell w...
Grandstream Gds3710 Firmware 1.0.11.13
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »