Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
Recent vulnerabilities and exploits
NA
CVE-2023-28952
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463.
NA
CVE-2024-30851
Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an malicious user to obtain sensitive information via the download_file.php component.
1 Github repository
NA
CVE-2021-20450
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will b...
NA
CVE-2024-28519
A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld Technologies Inc eScan Antivirus could allow privilege escalation for low-privileged users.
NA
CVE-2024-31636
An issue in LIEF v.0.14.1 allows a local malicious user to obtain sensitive information via the name parameter of the machd_reader.c component.
NA
CVE-2024-33792
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the tracert page.
NA
CVE-2024-33789
Linksys E5600 v1.1.0.26 exists to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint.
NA
CVE-2020-4874
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 190837.
NA
CVE-2024-33791
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function.
NA
CVE-2024-33793
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the ping test page.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »