Vulmon
logic flaw vulnerabilities and exploits
NA
CVE-2022-30600
A flaw was found in Moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed....
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories available
NA
CVE-2022-25369
Logic Flaw Leading to remote code execution in Dynamicweb 9.5.0 - 9.12.7....
VMScore: 516
CVE-2019-3902
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository....
Mercurial Mercurial
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
1 Github repository available
VMScore: 445
CVE-2018-8761
protected\apps\member\controller\shopcarController.php in Yxcms building system (compatible cell phone) v1.4.7 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture....
Yxcms Yxcms 1.4.7
NA
CVE-2021-24046
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0....
Ray-ban Stories Rw4003 65582v 48-23 Firmware
Ray-ban Stories Rw4002 601/71 50-22 Firmware
Ray-ban Stories Rw4005 656013 51-20 Firmware
Ray-ban Stories Rw4005 6563m3 51-20 Firmware
VMScore: 668
CVE-2016-4322
BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process....
Bmc Bladelogic Server Automation Console 8.7.00
NA
CVE-2020-12394
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76....
Mozilla Firefox
VMScore: 605
CVE-2018-8715
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types....
Embedthis Appweb
7 Github repositories available
NA
CVE-2020-10778
In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violates the expected behavior....
Redhat Cloudforms 4.7
Redhat Cloudforms 5.0.0
1 Github repository available
NA
CVE-2022-23948
A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host....
Keylime Keylime
1 Github repository available