Lucene search

37 matches found

NVD
added 2026/05/26 8:16 a.m. · 9 views

CVE-2026-8046

The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges...

CVSS 8.1 · EPSS 0.00348
Exploits: 0 · References: 1
NVD
added 2026/05/12 3:16 a.m. · 8 views

CVE-2026-40134

Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform table update operations. This vulnerability has a low impact on integrity with no impact on confidentiality and...

CVSS 4.3 · EPSS 0.00198
Exploits: 0 · References: 2
Positive Technologies
added 2026/05/06 12:0 a.m. · 8 views

PT-2026-37656

A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...

CVSS 4.3 · AI score 6 · EPSS 0.00214
Exploits: 0 · References: 2
CNVD
added 2026/03/24 12:0 a.m. · 1 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17479)

Discourse is an open-source community discussion platform. The platform includes features such as communities, e-mail and chat rooms. Discourse suffers from an information disclosure vulnerability that stems from insufficient authorization checks on user-operated...

CVSS 6.5 · AI score 5.7 · EPSS 0.00224
Exploits: 0
Veracode
added 2026/03/20 10:31 a.m. · 8 views

Improper Authorization

code.gitea.io/gitea is vulnerable to improper authorization. The vulnerability is due to insufficient authorization checks when deleting releases, which allows an attacker to delete releases without proper permissions...

CVSS 5.3 · AI score 7.3 · EPSS 0.00349
Exploits: 0 · References: 6 · Affected Software: 2
CNNVD
added 2026/03/20 12:0 a.m. · 4 views

Discourse Security Vulnerability

Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain security vulnerabilities. These...

CVSS 5.5 · AI score 5.7 · EPSS 0.00213
Exploits: 0 · References: 1
RedhatCVE
added 2026/03/07 1:44 a.m. · 4 views

CVE-2026-28720

Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...

CVSS 4.3 · AI score 5.8 · EPSS 0.00167
Exploits: 0 · References: 1
OSV
added 2026/03/06 12:16 a.m. · 4 views

CVE-2026-28720

Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...

CVSS 4.3 · AI score 5.8 · EPSS 0.00167
Exploits: 0 · References: 1
ATTACKERKB
added 2026/03/05 11:46 p.m. · 3 views

CVE-2025-11791

Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 Linux, macOS, Windows before build 41186, Acronis Cyber Protect Cloud Agent Linux, macOS, Windows before build 41124...

CVSS 5.5 · AI score 5.9 · EPSS 0.00093
Exploits: 0 · References: 2
Positive Technologies
added 2026/03/05 12:0 a.m. · 4 views

PT-2026-23578

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 17 versions prior to build 41186; Acronis Cyber Protect Cloud Agent versions prior to build 41124. Description: The software contains a flaw related to insufficient authorization checks, potentially leading to sensitive...

CVSS 7.1 · AI score 6 · EPSS 0.00093
Exploits: 0 · References: 4
CVE
added 2025/12/20 8:22 a.m. · 28 views

CVE-2025-12492

CVE-2025-12492 affects Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress. It exposes sensitive information via an unauthenticated AJAX endpoint (ajax_get_members) due to a low-entropy, predictable token (5 hex char...

CVSS 5.3 · AI score 5.5 · EPSS 0.00437
Exploits: 0 · References: 7
Positive Technologies
added 2025/11/18 12:0 a.m. · 5 views

PT-2025-47275

Name of the Vulnerable Software and Affected Versions: Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress versions through 1.2.5. Description: The plugin is susceptible to unauthorized post modification because of insufficient authorization checks. Th...

CVSS 5.4 · AI score 6.6 · EPSS 0.00194
Exploits: 0 · References: 5
EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2020-25693

Malware in sbrugna...

CVSS 4.3 · AI score 4.8 · EPSS 0.00898
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2008-1811

Malware in sbrugna...

CVSS 5.5 · AI score 6.4 · EPSS 0.02057
Exploits: 0 · References: 12
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-1282

Malware in sbrugna...

CVSS 6.8 · AI score 6.6 · EPSS 0.01789
Exploits: 0 · References: 3
Positive Technologies
added 2025/07/24 12:0 a.m. · 2 views

PT-2025-30646 · WordPress · Onlyoffice Docs Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: ONLYOFFICE Docs plugin for WordPress versions 1.1.0 through 2.2.0 Description: The ONLYOFFICE Docs plugin for WordPress is susceptible to a privilege escalation issue due to insufficient authorization checks within the oo.callback REST...

CVSS 9.8 · AI score 6.7 · EPSS 0.00687
Exploits: 0 · References: 4
CNNVD
added 2025/06/10 12:0 a.m. · 2 views

SAP NetWeaver Security Vulnerability

SAP NetWeaver is a set of integrated service-oriented application platforms from SAP, Germany. The platform primarily provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver that stems from insufficient authorization checking and could...

CVSS 9.6 · AI score 6.6 · EPSS 0.00404
Exploits: 0 · References: 4
CNNVD
added 2025/06/10 12:0 a.m. · 1 views

SAP S/4HANA Security Vulnerability

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from insufficient authorization checking, which could lead to the creation of RFC targets and the assignment of...

CVSS 6.7 · AI score 6.5 · EPSS 0.0036
Exploits: 0 · References: 4
RedhatCVE
added 2025/03/07 1:53 a.m. · 13 views

CVE-2025-27666

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010...

CVSS 9.8 · AI score 7.1 · EPSS 0.0057
Exploits: 0 · References: 1
OSV
added 2025/03/05 6:15 a.m. · 3 views

CVE-2025-27666

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OVE-20230524-0010...

CVSS 9.8 · AI score 5.8 · EPSS 0.0057
Exploits: 0 · References: 1