OX Documents 7.10.5 Improper Authorization
CTFd 2.1.5 Administrator Account Takeover
Social Engineering Neo
Microsoft Windows Task Scheduler Local Privilege Escalation
Social Engineering Neo
Slims CMS Akasia 8.3.1 SQL Injection
Slims CMS Akasia 8.3.1 Improper Authorization Vulnerability
Dell OpenManage Network Manager 22.214.171.124 SP3 Privilege Escalation
SAP Business Objects Unauthorized Audit Information Access
SAP Business Objects Unauthorized Audit Information Delete
SAP Business Objects Information Disclosure Via CORBA
SAP Business Warehouse Missing Authorization Check
SAP Business Objects Denial Of Service Via CORBA
Checkpoint Endpoint Security Media Encryption EPM Explorer Bypass
Zoom Telephonics Multiple Vulns
CVEMAP Search Results
Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1.
Improper Authorization in GitHub repository saltstack/salt prior to 3004.2.
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction.
BigBlueButton is an open source web conferencing system. In BigBlueButton starting with 2.2 but before 2.3.18 and 2.4-rc-1, an attacker can circumvent access controls to gain access to all breakout rooms of the meeting they are in. The permission checks rely on knowledge of internal ids rather than on verification of the role of the user. Versions 2.3.18 and 2.4-rc-1 contain a patch for this issue. There are currently no known workarounds.
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and up to versions 2.3.18 and 2.4.1, an attacker could send messages to a locked chat within a grace period of 5s after the lock setting was enacted. The attacker needs to be a participant in the meeting. Versions 2.3.18 and 2.4.1 contain a patch for this issue. There are currently no known workarounds.
BigBlueButton is an open source web conferencing system. Starting in version 2.2 and up to versions 2.3.18 and 2.4-rc-6, an attacker can circumvent access restrictions for drawing on the whiteboard. The permission check is inadvertently skipped on the server, due to a previously introduced grace period. The attacker must be a meeting participant. The problem has been patched in versions 2.3.18 and 2.4-rc-6. There are currently no known workarounds.
Elcomplus SmartPTT is vulnerable: a user with low-level authentication can obtain higher-level administration authorization by issuing requests directly to the desired endpoints.
Improper Authorization in Packagist librenms/librenms prior to 22.2.0.
openwhyd is vulnerable to Improper Authorization.