Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logic flaw vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6236
A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore wh...
1.9
CVSSv2
CVE-2022-0563
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error mes...
Kernel Util-linux
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
NA
CVE-2022-27645
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from t...
Netgear Lax20 Firmware
Netgear R6400 Firmware
Netgear R6700 Firmware
Netgear R7000 Firmware
Netgear R7850 Firmware
Netgear R7900p Firmware
Netgear R7960p Firmware
Netgear R8000 Firmware
Netgear R8000p Firmware
Netgear R8500 Firmware
Netgear Rax15 Firmware
Netgear Rax20 Firmware
Netgear Rax200 Firmware
Netgear Rax35 Firmware
Netgear Rax38 Firmware
Netgear Rax40 Firmware
Netgear Rax42 Firmware
Netgear Rax43 Firmware
Netgear Rax45 Firmware
Netgear Rax48 Firmware
Netgear Rax50 Firmware
Netgear Rax50s Firmware
4.9
CVSSv2
CVE-2020-12771
An issue exists in the Linux kernel up to and including 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
Linux Linux Kernel
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
8.3
CVSSv2
CVE-2020-27865
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the uhttpd serv...
Dlink Dap-1860 Firmware
NA
CVE-2023-29469
An issue exists in libxml2 prior to 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an...
Xmlsoft Libxml2
Debian Debian Linux 10.0
1 Github repository
4.6
CVSSv2
CVE-2018-3613
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Tianocore Edk Ii Udk2017
Tianocore Edk Ii Udk2015
Tianocore Edk Ii Udk2018
1.9
CVSSv2
CVE-2020-10767
A flaw was found in the Linux kernel prior to 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available....
Linux Linux Kernel
4
CVSSv2
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote malicious user to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the l...
Cisco Enterprise Network Function Virtualization Infrastructure
2.1
CVSSv2
CVE-2021-26892
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »