13 matches found
CVE-2025-62995
Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MultiParcels Shipping For WooCommerce: from n/a through <= 1.30.12...
EUVD-2018-5269
Malware in sbrugna...
CVE-2025-58680
CVE-2025-58680 is a Missing Authorization vulnerability in the Gutentor WordPress plugin. It affects Gutentor versions up to and including 3.5.2, arising from incorrectly configured access control security levels. The initial description notes unauthorized access risk but provides no detailed exp...
CVE-2025-58193
Missing Authorization vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uncanny Automator: from n/a through <= 6.7.0.1...
Unit4 Financials by Coda Security Breaches
Unit4 Financials by Coda is a financial management software from Unit4 USA. A security vulnerability exists in versions of Unit4 Financials by Coda prior to 2023Q4 that stems from the presence of incorrect access controls...
Ethereum blockchain security breach
Ethereum Blockchain is a decentralized open source public blockchain platform with smart contract capabilities from the Ethereum Foundation. A security vulnerability exists in the Ethereum blockchain, which stems from the fact that tradingOpen in ReptilianCoin RPTC contains incorrect access...
Zulip security vulnerability
Zulip is a powerful open source group chat application from the Zulip team, used to combine the immediacy of real-time chat with the productivity benefits of threaded conversations. Zulip is vulnerable to an access control error that stems from the presence of incorrect access controls in the...
Stormshield Endpoint Security security vulnerability
Stormshield Endpoint Security is a product line of enhanced workstation and server security from the French company Stormshield. A security vulnerability exists in Stormshield Endpoint Security that stems from incorrect access controls configured in Stormshield's previous x...
serverless security vulnerability
Serverless is a software application. It is intended to be the repository that contains all the official AWS Serverless architecture patterns built with the CDK. A security vulnerability exists in Serverless 8.0.0 that could cause developers to implement incorrect access controls...
CVE-2021-1515 Cisco SD-WAN vManage Information Disclosure Vulnerability
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant mode. An attacker with...
CVE-2020-27408
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users...
CVE-2020-27408
OpenSIS Community Edition up to version 7.6 is affected by an access-control flaw in ResetUserInfo.php that lets an unauthenticated attacker change arbitrary user passwords. The root cause is improper access controls on the ResetUserInfo.php endpoint, enabling password modification without authen...
CVE-2018-13355
CVE-2018-13355 affects TerraMaster TOS 3.1.03; a flawed access control in ajaxdata.php allows attackers to create user groups without proper authorization. This undermines integrity and could enable privilege elevation within the system. No remediation or patch details are provided in the connect...