Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logic flaw vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-10267
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). These files (*.urcaps) are...
Universal-robots Ur Software
7.8
CVSSv3
CVE-2022-40304
An issue exists in libxml2 prior to 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Xmlsoft Libxml2
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Snapmanager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
5.9
CVSSv3
CVE-2017-6512
Race condition in the rmtree and remove_tree functions in the File-Path module prior to 2.13 for Perl allows malicious users to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
File Path Project
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2024-5482
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing ...
5.3
CVSSv3
CVE-2017-9502
In curl prior to 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap base...
Haxx Curl
1 Github repository
7.1
CVSSv3
CVE-2022-26773
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission.
Apple Itunes
7.8
CVSSv3
CVE-2018-20669
An issue where a provided address with access_ok() is not checked exists in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel up to and including 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary ...
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Cn1610 Firmware -
1 Article
7.5
CVSSv3
CVE-2022-40303
An issue exists in libxml2 prior to 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
Xmlsoft Libxml2
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp Netapp Manageability Sdk -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2017-5731
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Tianocore Edk2
NA
CVE-2017-5734
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »