Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abuse abuse vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3050
Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: prior to 15.
Tmtmakine Lockcell Firmware
5
CVSSv2
CVE-2019-3404
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
360 P0 Router Firmware 3.1.1.65150
360 F5c Router Firmware 3.1.1.65150
NA
CVE-2023-7241
Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files.
4
CVSSv2
CVE-2019-6452
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote malicious users to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password.
Kyocera Command Center Rx -
4
CVSSv2
CVE-2018-9064
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
Lenovo Xclarity Administrator
NA
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
Mozilla Firefox
6.5
CVSSv2
CVE-2019-11848
An API abuse vulnerability exists in the AT command API of ALEOS prior to 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.
Sierrawireless Aleos
NA
CVE-2022-4794
The AAWP WordPress plugin prior to 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
Getaawp Amazon Affiliate Wordpress Plugin
NA
CVE-2023-3632
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz - Homework Helper App: prior to 6.2.3.
Kunduz Kunduz
NA
CVE-2023-2713
Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: prior to 23.05.15.
Rental Module Project Rental Module
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »