Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-5581
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 EDB exploit
7.8
CVSSv3
CVE-2013-5582
Ammyy Admin 3.2 and previous versions stores the client ID at a fixed memory location, which might make it easier for user-assisted remote malicious users to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file.
Ammyy Ammyy Admin
1 EDB exploit
3.3
CVSSv3
CVE-2018-7289
An issue exists in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. Thi...
Teclib-edition Armadito Antivirus 0.12.7.2
1 EDB exploit
5.3
CVSSv3
CVE-2018-16242
oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows malicious users to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol.
O.bike Smart Locker Firmware -
O.bike Obike-stationless Bike Sharing 2.5.4
1 Github repository
9.8
CVSSv3
CVE-2020-11532
Zoho ManageEngine DataSecurity Plus before 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an malicious user to bypass authentication for this server and execute all operations in the context of admin user.
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Datasecurity Plus
9.8
CVSSv3
CVE-2014-7279
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote malicious users to obtain "equipment management authority" via TCP traffic to port 23.
Kankunit Konke Smart Plug Firmware K
1 EDB exploit
9.8
CVSSv3
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows malicious users to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers.
Bludit Bludit 3.9.2
20 Github repositories
NA
CVE-2014-5246
The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote malicious users to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.
Tenda A5s Firmware 3.02.05 Cn
Tenda A5s -
1 EDB exploit
NA
CVE-2005-1787
setup.php in phpStat 1.5 allows remote malicious users to bypass authentication and gain administrator privileges by setting the $check variable.
Phpstat Phpstat -
3 EDB exploits
NA
CVE-2013-1727
Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Mozilla Firefox 19.0
Mozilla Firefox 22.0
Mozilla Firefox 20.0
Mozilla Firefox
Mozilla Firefox 19.0.2
Mozilla Firefox 19.0.1
Mozilla Firefox 23.0
Mozilla Firefox 21.0
Mozilla Firefox 20.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »