Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logic flaw vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoc...
5.5
CVSSv3
CVE-2021-0127
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.
Netapp Clustered Data Ontap -
Intel Core I7-6700k -
Intel Xeon E3-1240 V5 -
Intel Xeon D-1649n -
Intel Xeon D-1633n -
Intel Xeon D-1637 -
Intel Xeon D-1627 -
Intel Xeon D-1623n -
Intel Xeon D-1622 -
Intel Xeon D-1653n -
Intel Xeon D-1602 -
Intel Xeon D-2141i -
Intel Xeon D-2177nt -
Intel Xeon D-2161i -
Intel Xeon D-2143it -
Intel Xeon D-2146nt -
Intel Xeon D-2145nt -
Intel Xeon D-2123it -
Intel Xeon D-2173it -
Intel Xeon D-2187nt -
Intel Xeon D-2142it -
Intel Xeon D-2163it -
9.8
CVSSv3
CVE-2024-0057
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
Microsoft Visual Studio 2022
Microsoft Powershell
Microsoft Powershell 7.4
Microsoft .net Framework
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 3.5
Microsoft .net Framework 4.8.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net
Microsoft .net 8.0.0
7.5
CVSSv3
CVE-2021-22904
The actionpack ruby gem prior to 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token...
Rubyonrails Rails
5.5
CVSSv3
CVE-2020-10766
A logic bug flaw was found in Linux kernel prior to 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This i...
Linux Linux Kernel
8.1
CVSSv3
CVE-2021-43442
A Logic Flaw vulnerability exists in i3 International Inc Annexxus Camera V5.2.0 build 150317 (Ax46), V5.0.9 build 151106 (Ax68), and V5.0.9 build 150615 (Ax78) due to a failure to allow the creation of more than one administrator account; however, this can be bypassed by paramet...
I3international Ax46 Firmware 5.2.0
I3international Ax68 Firmware 5.0.9
I3international Ax78 Firmware 5.0.9
4.6
CVSSv3
CVE-2023-4010
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific ...
Linux Linux Kernel -
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
7.8
CVSSv3
CVE-2023-25144
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local malicious user to gain elevated privileges and create arbitrary directories with arbitrary ownership.
Trendmicro Apex One
Trendmicro Apex One 2019
NA
CVE-2023-6236
A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore wh...
8.8
CVSSv3
CVE-2020-15633
This vulnerability allows network-adjacent malicious users to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within ...
D-link Dir-867 Firmware
D-link Dir-878 Firmware
D-link Dir-882 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »