Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Low
MOV.AI Robotics Engine 2.2.3-3 Improper Access Control
13.01.2023
Thurein Soe
High
Dovecot IMAP Server 2.2 Improper Access Control
08.07.2022
Julian Brook
High
Voltage SecureMail Server Business Logic Bypass
07.02.2022
TING Meng Yean
Low
WordPress Modern Events Calendar 5.16.2 Information Disclosure
02.07.2021
Ron Jost
Med.
Realteo WordPress Plugin <= 1.2.3 - Improper Access Control
02.04.2021
m0ze
Med.
Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
23.03.2021
m0ze
Med.
Barco wePresent Undocumented SSH Interface
21.11.2020
Jim Becher
Med.
Reliable Services Improper Access Control
12.05.2020
KingSkrupellos
Med.
ThinkTrek Solutions Improper Access Control
11.05.2020
KingSkrupellos
Med.
Native Sparrow Improper Access Control
11.05.2020
KingSkrupellos
Med.
MediaCosmo CMS Improper Access Control
11.05.2020
KingSkrupellos
Med.
Avast Secure Browser 76.0.1659.101 Local Privilege Escalation
21.03.2020
Silton Santos
High
Avira Free Security Suite 2019 Software Updater 2.0.6.13175 Improper Access Control
06.08.2019
Silton Santos
Low
Yurdum Software Reflected XSS Privilege Escalation
17.06.2019
KingSkrupellos
Med.
Blue Prism Robotic Process Automation (RPA) Privilege Escalation
23.05.2019
Benjamin Hess
Med.
AlumniMagnet OmniMagnet Improper Access Control Vulnerability
20.05.2019
KingSkrupellos
Med.
Gemalto DS3 Authentication Server / Ezio Server Command Injection / File Disclosure
11.05.2019
TING Meng Yean
Med.
Designed by Longtail E-Media Improper Access Control and RFU Vulnerability
22.09.2018
AYAR
Low
WordPress Developed by Netsoft Limited Software Development Bangladesh Improper Authentication Vulnerability
05.09.2018
KingSkrupellos
Med.
WordPress DrcSystems EthicSolutions Jssor-Slider Library Plugin Arbitrary File Upload Vulnerability
21.06.2018
KingSkrupellos
High
Solarwinds LEM 6.3.1 Hardcoded Credentials
25.04.2017
Matt Bergin
Med.
HP Printers Wi-Fi Direct Improper Access Control
03.02.2017
Neseso
Med.
SAP HANA Information Disclosure
28.05.2015
onapsis
High
TheCartPress WordPress plugin 1.3.9 Multiple Vulns
29.04.2015
High-Tech Bridge Secur...
Low
SAP Background Processing RFC Missing Authorization
29.04.2014
Onapsis
Low
SAP BASIS Missing Authorization Check
29.04.2014
Onapsis
Low
SAP Profile Maintenance Missing Authorization
29.04.2014
Onapsis
High
OpenDocMan 1.2.7 Multiple Vulnerabilities
05.03.2014
High-Tech Bridge Secur...
High
Microweber 0.8 Arbitrary File Deletion
18.10.2013
High-Tech Bridge Secur...
High
Samsung Kies 2.3.2.12054_20 NULL Pointer Dereference and bypass
16.10.2012
High-Tech Bridge Secur...
High
PBBoard 2.1.4 SQL Injection and Improper Authentication
09.08.2012
High-Tech Bridge Secur...
Med.
AWScripts Gallery Search Engine 1.x Insecure Cookie Vulnerability
01.07.2009
TiGeR-Dz
CVEMAP Search Results
CVE
Details
Description
2023-03-18
CVE-2023-1486
Updating...
A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects unknown code in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372.
CVE-2023-1491
Updating...
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects an unknown part in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.
CVE-2023-1490
Updating...
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is some unknown functionality in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.
CVE-2023-1489
Updating...
A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is an unknown functionality in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223375.
2023-03-17
CVE-2023-1453
Updating...
A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223298 is the identifier assigned to this vulnerability.
2023-03-16
CVE-2023-1432
Updating...
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=save_settings of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be launched remotely. VDB-223214 is the identifier assigned to this vulnerability.
CVE-2023-0811
Updating...
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
2023-03-14
CVE-2023-27268
Updating...
SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does not perform necessary authorization checks, allowing an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will enable them to access but not modify server settings and data with no effect on availability., resulting in escalation of privileges.
CVE-2023-26460
Updating...
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity
2023-03-13
CVE-2023-0348
Updating...
Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device.
Copyright
2023
, cxsecurity.com
Back to Top
