43 matches found
CVE-2026-45459
The CVE-2026-45459 entry concerns Microsoft Excel. A protection-mechanism failure in Excel is described as allowing a local attacker to bypass a security feature. According to the available data, the vulnerability has a low base score (CVSS 3.1: 3.3), with LOCAL attack vector, LOW attack complexi...
CVE-2026-21422
Dell PowerScale OneFS (versions 9.10.0.0–9.10.1.5 and 9.11.0.0–9.12.0.1) contains an external control of a system or configuration setting vulnerability. A high-privileged attacker with local access could potentially exploit this to bypass protection mechanisms. The available references describe ...
CVE-2025-43728
Dell ThinOS 10, versions prior to 250810.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
PT-2025-34864
Name of the Vulnerable Software and Affected Versions: Dell ThinOS 10 versions prior to 2508 10.0127 Description: Dell ThinOS 10 contains a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this issue, leading to a bypass of the...
Dell Wyse Management Suite < 4.4.1 Multiple Vulnerabilities (DSA-2024-440)
The version of Dell Wyse Management Suite installed on the remote host is prior to 4.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2024-440 advisory. - Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could...
CVE-2024-49597
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
CVE-2024-49597
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
CVE-2024-49597
Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Improper Restriction of Excessive Authentication Attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass...
CVE-2024-45764
Dell Enterprise SONiC OS, versions 4.1.x, 4.2.x, contains a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell...
CVE-2024-45764
Dell Enterprise SONiC OS, versions 4.1.x, 4.2.x, contains a Missing Critical Step in Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. This is a critical severity vulnerability so Dell...
CVE-2022-4533 Limit Login Attempts Plus <= 1.1.0 - IP Address Spoofing to Protection Mechanism Bypass
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4539 Web Application Firewall <= 2.1.2 - IP Address Spoofing to Protection Mechanism Bypass
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4536 IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2022-4536 IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the...
CVE-2024-24001
jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism...
LWS Hide Login < 2.1.9 - Protection Mechanism Bypass
Description The LWS Hide Login plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 2.1.8. This is due to the fact that attackers can bypass the hidden login page by visiting install.php. This makes it possible for unauthenticated attackers to...
CVE-2023-32493
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution...
CVE-2023-32493
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution...
CVE-2023-32493
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution...
CVE-2023-32493
Dell PowerScale OneFS 9.5.0.x contains a protection mechanism bypass vulnerability that could allow an unprivileged, remote attacker to cause denial of service, information disclosure, and remote code execution. The available documents do not specify the exact root cause or vulnerable subsystem, ...