Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abuse abuse vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-6756
Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and previous versions allows local users to execute unauthorized commands via specially crafted malware.
Mcafee True Key
NA
CVE-2023-7241
Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32 bit allows malicious software to abuse WRSA.EXE to delete arbitrary and protected files.
5
CVSSv2
CVE-2019-3404
By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.
360 P0 Router Firmware 3.1.1.65150
360 F5c Router Firmware 3.1.1.65150
4
CVSSv2
CVE-2018-9064
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
Lenovo Xclarity Administrator
6.5
CVSSv2
CVE-2019-11848
An API abuse vulnerability exists in the AT command API of ALEOS prior to 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.
Sierrawireless Aleos
4
CVSSv2
CVE-2019-6452
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote malicious users to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password.
Kyocera Command Center Rx -
NA
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
Mozilla Firefox
NA
CVE-2022-4794
The AAWP WordPress plugin prior to 3.12.3 can be used to abuse trusted domains to load malware or other files through it (Reflected File Download) to bypass firewall rules in companies.
Getaawp Amazon Affiliate Wordpress Plugin
NA
CVE-2023-3632
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz - Homework Helper App: prior to 6.2.3.
Kunduz Kunduz
NA
CVE-2023-2713
Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: prior to 23.05.15.
Rental Module Project Rental Module
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »