Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logic flaw vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-25586
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.
Gnu Binutils 2.40
7.5
CVSSv3
CVE-2018-8761
protected\apps\member\controller\shopcarController.php in Yxcms building system (compatible cell phone) v1.4.7 has a logic flaw allowing malicious users to modify a price, before form submission, by observing data in a packet capture.
Yxcms Yxcms 1.4.7
NA
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoc...
9.8
CVSSv3
CVE-2016-4322
BMC BladeLogic Server Automation (BSA) prior to 8.7 Patch 3 allows remote malicious users to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.
Bmc Bladelogic Server Automation Console 8.7.00
9.8
CVSSv3
CVE-2024-22206
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.
Clerk Javascript
5.3
CVSSv3
CVE-2021-24046
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software prior to 2107460.6810.0.
Ray-ban Stories Rw4003 65582v 48-23 Firmware
Ray-ban Stories Rw4002 601\\/71 50-22 Firmware
Ray-ban Stories Rw4005 656013 51-20 Firmware
Ray-ban Stories Rw4005 6563m3 51-20 Firmware
6.3
CVSSv3
CVE-2023-4380
A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an malicious user to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, an...
Redhat Ansible Automation Platform 2.4
Redhat Ansible Developer 1.1
Redhat Ansible Inside 1.2
NA
CVE-2013-6945
The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows malicious users to bypass authentication and authorization to perform doctor-only actions and read or modify patient records via unspecified vectors related to a "logic flaw."
Osehra Vista -
7.5
CVSSv3
CVE-2022-23948
A flaw was found in Keylime prior to 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.
Keylime Keylime
6
CVSSv3
CVE-2020-10778
In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior.
Redhat Cloudforms 4.7
Redhat Cloudforms 5.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »