Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
notices vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-1890
The Tablesome WordPress plugin prior to 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting
Pauple Tablesome
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
8.8
CVSSv3
CVE-2022-4937
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and including, 6.6.0 due to missing capability checks on various AJAX actions. This makes it possible for authenticated attackers, with minimal permissi...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
8.8
CVSSv3
CVE-2022-4938
The WCFM Frontend Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.6.0 due to missing nonce checks on various AJAX actions. This makes it possible for unauthenticated malicious users to perform a wide variety of actions ...
Wclovers Frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
5.4
CVSSv3
CVE-2023-46126
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The ...
Ethyca Fides
NA
CVE-2024-0681
The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.3.4. This is due to the plugin not properly restricting access to pages via the REST API when a page has been mad...
NA
CVE-2007-1415
Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) class_path parameter to (a) includes/resa_func.inc.php (b) admin/notices/perso.inc.php, or (c) admin/quo...
Pmb Services Pmb Services
1 EDB exploit
NA
CVE-2014-3347
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote malicious users to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collectio...
Cisco Ios 15.1\\(4\\)m2
Cisco 1802 Integrated Service Router -
Cisco 1803 Integrated Service Router -
Cisco 1801 Integrated Service Router -
Cisco 1811 Integrated Service Router -
Cisco 1812 Integrated Service Router -
Cisco 1841 Integrated Service Router -
Cisco 1861 Integrated Service Router -
NA
CVE-2010-1568
The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook prior to 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote malicious users to obtain cleartext contents of e-mail messages that were intended to be enc...
Cisco Ironport Desktop Flag Plugin For Outlook 6.2.4.3
Cisco Ironport Desktop Flag Plugin For Outlook
NA
CVE_2021_38647
CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2021-38647 AKA OMIGOD exploit attempts. https://corelight.com/blog/detecting-cve-2021-38647-omigod https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure https://msrc.microsoft.com/update-guide/v...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2