9 matches found
SICK Lector85x和SICK SICK Lector83x 安全漏洞
SICK Lector85x and SICK SICK Lector83x are a series of QR code image recognition readers developed by the German company SICK. Both devices have security vulnerabilities. These vulnerabilities stem from incorrect access controls. Attackers could potentially perform unauthenticated read and write...
CVE-2026-20062
The CVE-2026-20062 entry concerns Cisco Secure Firewall ASA software in multiple context mode. Vulnerability: improper access controls on SCP operations when the CiscoSSH stack is enabled allow an authenticated user with admin privileges only in a non-admin context to copy files to/from other con...
CVE-2020-37114
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can...
CVE-2025-11440
A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called...
CVE-2024-12244
CVE-2024-12244†Missing Authorization in GitLab . The issue is an access-control flaw in GitLab Enterprise Edition (GitLab EE) that could allow a user to view certain restricted project information even when related features are disabled. Affected versions are GitLab EE 17.7 up to 17.9.7, 17.10 up...
Mattermost Server 安全漏洞
Mattermost Server is an open source messaging platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost Server that stems from an inability to enforce proper access controls, resulting in unprivileged visitors being able to access operational metadata. The...
PT-2024-24786 · Unknown · Thingsboard
Name of the Vulnerable Software and Affected Versions: ThingsBoard versions up to 3.6.2 Description: A problematic issue was found in the AdvancedFeature component, leading to improper access controls. The attack can be initiated remotely. The issue affects unknown code and may be exploited. The...
Nextcloud 安全漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud versions 24.0.x prior to 24.0.7 and 25.0.x prior to 25.0.1, which stems from the inclusion of incorrect access...
CVE-2020-7294
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface...