15 matches found
CVE-2022-23684
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their...
CVE-2025-23684
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through <= 2.2...
CVE-2025-23684
creationtimestamp | type | source
---|---|---
2025-01-22 15:20:08+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5pr54e2j
2025-01-22 16:01:49+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/2561...
CVE-2025-23684
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through <= 2.2...
CVE-2025-23684 WordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through <= 2.2...
CVE-2025-23684
CVE-2025-23684 : Missing Authorization vulnerability in the Eugen Bobrowski Debug Tool. Reported as allowing exploitation of incorrectly configured access control security levels in Debug Tool versions up to 2.2 (inclusive). The issue is described as a missing authorization problem; CVSS 3.1 deta...
CVE-2025-23684 WordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through 2.2...
CVE-2024-23684
creationtimestamp | type | source
---|---|---
2024-02-15 18:57:03+00:00 | seen | https://t.me/ctinow/185772
2025-06-20 18:42:21+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19027...
CVE-2024-23684
CVE-2024-23684 affects the Java CBOR library from com.upokecenter (CBOR) versions 4.0.0–4.5.1. The issue is an inefficient algorithmic path in DecodeFromBytes that can be exploited by a malicious input to cause a denial of service. The NVD entry notes a remote attacker scenario depending on appli...
CVE-2024-23684 upokecenter CBOR Denial of Service
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
CVE-2024-23684 upokecenter CBOR Denial of Service
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...
CVE-2023-23684
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL. This issue affects WPGraphQL: from n/a through 1.14.5...
CVE-2023-23684
WPGraphQL
WordPress WPGraphQL Plugin <= 1.14.5 is vulnerable to Server Side Request Forgery (SSRF)
Software: WPGraphQL; Type: Plugin; Vulnerable versions: <= 1.14.5; Fixed in: 1.14.6; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2023-23684; Patch priority: Low; CVSS severity: Low (4.4); PSID: b0a8de3a4ab4; Credits: Ravi Dharmawan; Required privilege...
CVE-2022-23684
CVE-2022-23684 is a vulnerability in the web-based management interface of ArubaOS‑CX switches that lets a remote authenticated user with read‑only privileges escalate to administrative rights. Affected releases include ArubaOS‑CX Switches 10.09.xxxx up to 10.09.1020 and below, 10.08.xxxx up to 1...