Search Results for: improper access control

Overview : A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of

Description OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A

Description The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for

Description An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate

Description Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access

Description JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version

Description SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries

Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE

Description Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit

Description InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284:

Description authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable

Description Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious

Description Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker

Description An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead

Description A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The

Description The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user

Overview : In WebAccess versions 8.4.1 and prior, multiple stack based buffer overflow vulnerabilities are detected by a lack of

Description This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain

Description Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could

Overview : Multiple vulnerabilities reported in Nextcloud Affected Product(s) : Nextcloud Social app version 0.3.1 Nextcloud Social < 0.4.0 Vulnerability

Overview : Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s) : EDR-810: All versions

Overview : Schneider Electric detected multiple vulnerabilities in its U.motion din rail and touch panels servers. Affected Product(s) : U.motion