CVE-2026-8350

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulkuserassignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group and can remove...

CVE-2026-8350 Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege escalation to Administrative Group

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulkuserassignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group and can remove...

CVE-2025-8350

creationtimestamp| type| source ---|---|--- 2026-02-19 15:43:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf7woxkl6j25...

CVE-2015-8350

creationtimestamp| type| source ---|---|--- 2025-12-22 01:17:33+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2015/CVE-2015-8350.yaml 2025-12-23 21:02:55+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3maonj35a2i2f...

MAL-2025-8350 Malicious code in @lbnqduy/stunning-rotary-phone (npm)

The package @lbnqduy/stunning-rotary-phone was found to contain malicious code...

CVE-2024-8350

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

Linux Distros Unpatched Vulnerability : CVE-2017-8350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service memory leak via a crafted file. CVE-2017-8350 Note that...

CVE-2020-8350

An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege...

CVE-2024-8350

creationtimestamp| type| source ---|---|--- 2024-09-25 05:57:29+00:00| seen| https://t.me/cvedetector/6279...

CVE-2024-8350 Uncanny Groups for LearnDash <= 6.1.0.1 - Missing Authorization to Authenticated (Group Leader+) User Group Add

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

CVE-2024-8350 Uncanny Groups for LearnDash <= 6.1.0.1 - Missing Authorization to Authenticated (Group Leader+) User Group Add

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgmmanagement/v1/adduser/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group...

WordPress Uncanny Groups for LearnDash Plugin <= 6.1.0.1 is vulnerable to Broken Access Control

Software Uncanny Groups for LearnDash Type Plugin Vulnerable versions = 6.1.0.1 Fixed in 6.1.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8350 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID d89e217025ab Credits Karl Emil Nikka...

Moxa ioLogik E1200 Series Cross-Site Request Forgery (CVE-2016-8350)

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware...

Debian: Security Advisory (DLA-452-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0468)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-8350

CVE-2020-8350 affects the Lenovo ThinkPad Stack Wireless Router, firmware 1.1.3.4, via an authentication bypass that could lead to privilege escalation. Public sources (NVD, Red Hat) describe an adjacent-network vulnerability with CVSS v3.1 base score 8.8 (HIGH) and impact on confidentiality, int...

Lenovo ThinkPad Stack Wireless Router Vulnerability - Lenovo Support US

No description provided...

Lenovo ThinkPad Stack Wireless Router Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-48228 Potential Impact: Privilege escalation Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8350 Summary Description: An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router that could allow escalation of...

CVE-2019-8350

The CVE-2019-8350 entry describes an information-disclosure vulnerability in The Simple - Better Banking Android app (versions 2.45.0–2.45.3; fixed in 2.46.0). The issue arises when passwords typed into the app are exposed to the keyboard autocomplete mechanism, allowing third-party keyboards tha...

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10...