Improper access control checks for Nextcloud Server
Overview: A missing check in Nextcloud Server 14.0.3 could give the recipient the possibility to extend the expiration date of
Description OpenObserve is an observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A
Description Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access
Description JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version
Description SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries
Description Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0. References https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a For More Information MITRE
Description Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit
Description InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-284:
Description authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable
Description Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious
Description Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker
Description An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead
Description A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The
Description The kustomize-controller enables the use of Kustomize’s functionality when applying Kubernetes declarative state onto a cluster. A malicious user
Overview: In WebAccess versions 8.4.1 and prior, multiple stack-based buffer overflow vulnerabilities are detected by a lack of
Introducing the world’s first Distributed WAF on Multi-Cloud # SaaS Free WAF Prophaze WAF is a Native Cloud Web Application
Overview: Multiple vulnerabilities reported in Nextcloud Affected Product(s): Nextcloud Social app version 0.3.1 Nextcloud Social < 0.4.0 Vulnerability
Overview: Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s): EDR-810: All versions
Overview: Schneider Electric detected multiple vulnerabilities in its U.motion din rail and touch panels servers. Affected Product(s): U.motion
Web applications have become an integral part of modern business operations. They enable companies to interact with their customers, employees,
What Is Security Misconfiguration? Security misconfiguration refers to the failure to properly configure and maintain the
Have you ever wondered how important XML is? And how insecure it can be if XML is parsed in an
API Security API Security for Your Data Privacy Prophaze API Security is a comprehensive solution to secure APIs from various
Tracking Changes Made from 2007 to 2013 Reports OWASP analyses the most crucial web application security flaws. OWASP being a