Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logic flaw vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2012-3462
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
Fedoraproject Sssd 1.9.0
7.5
CVSSv3
CVE-2023-35133
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and previous versions unsupported versions.
Moodle Moodle 4.2.0
Moodle Moodle
4.6
CVSSv3
CVE-2018-3891
An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability.
Yitechnology Yi Home Camera Firmware 1.8.7.0d
5.3
CVSSv3
CVE-2018-16157
waimai Super Cms 20150505 has a logic flaw allowing malicious users to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.
Bijiadao Waimai Super Cms 20150505
6.8
CVSSv3
CVE-2018-3890
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerabi...
Yitechnology Yi Home Camera Firmware 1.8.7.0d
6.8
CVSSv3
CVE-2023-46446
An issue in AsyncSSH prior to 2.14.1 allows malicious users to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."
Asyncssh Project Asyncssh
1 Article
7.8
CVSSv3
CVE-2020-6070
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigg...
F2fs-tools Project F2fs-tools 1.12.0
Fedoraproject Fedora 33
5.3
CVSSv3
CVE-2016-2169
Cloud Foundry Cloud Controller, capi-release versions before 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a route that conflicts with a platform service route and receive traffic intended for t...
Cloudfoundry Capi-release
Cloudfoundry Cf-release
7.5
CVSSv3
CVE-2018-16789
libhttp/url.c in shellinabox up to and including 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resource...
Shellinabox Project Shellinabox
6.7
CVSSv3
CVE-2019-1649
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local malicious user to write a modified firmware image to the component. This vulnerability affects mul...
Cisco Asa 5500 Firmware
Cisco Firepower 2100 Firmware
Cisco Firepower 4000 Firmware
Cisco Firepower 9000 Firmware
Cisco Ons 15454 Mstp Firmware
Cisco Analog Voice Network Interface Modules Firmware
Cisco Integrated Services Router T1\\/e1 Voice And Wan Network Interface Modules Firmware
Cisco Supervisor A\\+ Firmware
Cisco Supervisor B\\+ Firmware
Cisco 15454-m-wse-k9 Firmware
Cisco Ios Xe
Cisco Ios
Cisco Industrial Security Appliances 3000 Firmware
Cisco Integrated Services Router 4200 Firmware
Cisco Integrated Services Router 4300 Firmware
Cisco Integrated Services Router 4400 Firmware
Cisco Asr 1000 Series Firmware
Cisco Asr 1001 Firmware 16.0.0
Cisco Ios Xr 7.0.1
Cisco Catalyst 9800-40 Wireless Controller Firmware -
Cisco Catalyst 9800-80 Wireless Controller Firmware -
Cisco Ic3000-k9 Firmware
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »