Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4670
The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.5 via the aiovg_search_form shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and exe...
NA
CVE-2024-4894
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote malicious users to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables malicious users to probe internal network information.
NA
CVE-2024-4561
In WhatsUp Gold versions released prior to 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an malicious user to send arbitrary HTTP requests on behalf of the vulnerable server.
NA
CVE-2024-4562
In WhatsUp Gold versions released prior to 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads t...
NA
CVE-2024-0862
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses.
NA
CVE-2024-30040
Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 22h2
Microsoft Windows 11 23h2
Microsoft Windows 11 22h2
Microsoft Windows Server 2019
Microsoft Windows 10 1809
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
2 Articles
NA
CVE-2024-30043
Microsoft SharePoint Server Information Disclosure Vulnerability
1 Article
NA
CVE-2024-30044
Microsoft SharePoint Server Remote Code Execution Vulnerability
2 Articles
NA
CVE-2024-30051
Windows DWM Core Library Elevation of Privilege Vulnerability
Microsoft Windows 10 22h2
Microsoft Windows 11 23h2
Microsoft Windows 11 22h2
Microsoft Windows Server 2019
Microsoft Windows 10 1809
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
3 Articles
NA
CVE-2024-31491
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.4 and 4.2.0 up to and including 4.2.6 allows malicious user to execute unauthorized code or commands via HTTP requests.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »