Vulmon
unauthorized vulnerabilities and exploits
CVE-2024-23110
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 up to and including 7.4.2, 7.2.0 up to and including 7.2.6, 7.0.0 up to and including 7.0.13, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, 6.0 all versions allows a malicious user to execute unau...
CVE-2024-31495
An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiPortal versions 7.0.0 up to and including 7.0.6 and version 7.2.0 allows a privileged user to obtain unauthorized information via the report download functionality.
CVE-2024-26010
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 up to and including 1.1.2, 1.0.0 up to and including 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 up to and including 7.2.3, 7.0.1 up to and including 7.0.3, FortiOS version 7.4.0 up ...
CVE-2023-23775
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and prior to 7.0.3 may allow an authenticated malicious user to execute unauthorized code or commands via specifically crafted strings...
CVE-2023-46720
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 up to and including 7.4.1 and 7.2.0 up to and including 7.2.7 and 7.0.0 up to and including 7.0.12 and 6.4.6 up to and including 6.4.15 and 6.2.9 up to and including 6.2.16 and 6.0.13 up to and including 6.0.18 allow...
CVE-2024-35206
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow a malicious user to get unauthorized access.
CVE-2024-35209
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected web server allows HTTP methods such as PUT and DELETE. This could allow a malicious user to modify unauthorized files.
CVE-2020-11843
This allows information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before.
CVE-2024-4319
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated malicious use...
CVE-2024-4328
A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows ma...
Parisneo Lollms Web Ui 9.6