CVE-2026-49002

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information...

CVE-2025-64065

The Primakon Pi Portal 1.0.18 API /api/V2/ppudfvadmin endpoint, fails to perform necessary server-side validation. The administrative LoginAs or user impersonation feature is vulnerable to a access control failure. This flaw allows any authenticated low-privileged user to execute a direct PATCH...

CVE-2020-28861

OpenAsset Digital Asset Management DAM 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application...

Intel Modular Server MFS2600KISPP Compute Module elevation of privilege vulnerability (CNVD-2020-28230)

Intel Modular Server MFS2600KISPP Compute Module is a computing module from Intel Corporation USA. A security vulnerability exists in Intel Modular Server MFS2600KISPP Compute Module, which stems from a failure of proper access control. The vulnerability can be exploited by an attacker to elevate...

Issue of Access Control Failure in Hitachi Device Manager Server

Overview Hitachi Device Manager servers contain a vulnerability in which access control settings would be rendered invalid in the following cases: - IPv6 format is used for communications between a Hitachi Device Manager server and its clients. - Access controls for Hitachi Device Manager clients...

Issue of Access Control Failure in Groupmax Scheduler Server

Overview Groupmax Scheduler Server contains a vulnerability in which access privilege settings can be rendered invalid. Impact An unauthorized user may gain access to the Groupmax Scheduler Server. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...