Lucene search
K

207 matches found

OSV
OSV
added 2022/12/19 3:15 p.m.5 views

CVE-2022-4613

A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. This issue affects some unknown processing of the component Browser Extension Provisioning. The manipulation leads to improper authorization. The attack may be initiated...

6.5CVSS5.3AI score0.00726EPSS
Exploits1References3
Prion
Prion
added 2022/12/05 7:15 a.m.18 views

Authorization

A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched...

6.5CVSS8.7AI score0.00438EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/13 6:15 p.m.2 views

CVE-2022-33174

Power Distribution Units running on Powertek firmware multiple brands before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an emp...

9.8CVSS5.8AI score0.13425EPSS
Exploits1References3
OSV
OSV
added 2022/06/13 6:15 p.m.3 views

CVE-2022-33174

Power Distribution Units running on Powertek firmware multiple brands before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an emp...

7.5CVSS5.8AI score0.13425EPSS
Exploits1References1
OSV
OSV
added 2022/06/09 4:15 p.m.5 views

CVE-2022-2019

A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be...

7.5CVSS6.6AI score0.00732EPSS
Exploits1References2
CNVD
CNVD
added 2022/05/19 12:0 a.m.33 views

Aruba ClearPass Policy Manager Remote Authorization Bypass Vulnerability

Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a remote authorization bypass vulnerability, which can be exploited by attackers to bypass authorization...

6.5CVSS4.5AI score0.00987EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/17 6:15 p.m.8 views

CVE-2022-23669

A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...

8.8CVSS7.3AI score0.00987EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.4 views

Aruba ClearPass Policy Manager 代码问题漏洞

Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a remote authorization bypass vulnerability, which can be exploited by attackers to bypass authorization...

8.8CVSS5.7AI score0.00987EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.3 views

PT-2022-16179 · Aruba · Aruba Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.4 and below Aruba ClearPass Policy Manager versions 6.9.9 and below Aruba ClearPass Policy Manager versions 6.8.9-HF2 and below Aruba ClearPass Policy Manager versions 6.7.x and below Description: ...

8.8CVSS8.6AI score0.00987EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/09/30 10:41 a.m.17 views

CVE-2021-41298 ECOA BAS controller - Improper Access Control

ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden...

8.8CVSS8.9AI score0.00842EPSS
Exploits1References1
Symantec
Symantec
added 2020/01/14 12:0 a.m.54 views

SAP Leasing CVE-2020-6306 Remote Authorization Bypass Vulnerability

Description SAP Leasing is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected SAP Leasing 6.0 SAP Leasing 6.02 SAP Leasing 6.0...

0.6AI score0.00596EPSS
Exploits0References2Affected Software1
Symantec
Symantec
added 2019/10/08 12:0 a.m.52 views

SAP NetWeaver Process Integration CVE-2019-0367 Remote Authorization Bypass Vulnerability

Description SAP NetWeaver Process Integration is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. SAP NetWeaver Process Integration versions 1.0 and 2.0 are vulnerable...

1.4AI score0.0055EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/09 6:15 p.m.3 views

CVE-2019-5402

A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

9.4CVSS7.3AI score0.04296EPSS
Exploits0References1
OSV
OSV
added 2019/08/09 6:15 p.m.3 views

CVE-2019-5405

A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

7.3CVSS7.2AI score0.01586EPSS
Exploits0References1
CVE
CVE
added 2019/08/09 5:31 p.m.87 views

CVE-2019-5405

CVE-2019-5405 concerns a remote authorization bypass in HPE 3PAR StoreServ Management Console (SSMC) and Core Software Media, affecting versions prior to 3.5.0.1. The available connected records describe an authorization bypass vulnerability in the HPE 3PAR StoreServ management/console components...

7.3CVSS7.1AI score0.01586EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/09 5:28 p.m.19 views

CVE-2019-5402

A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

9.3AI score0.04296EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/12 12:0 a.m.1 views

SAP Enterprise Financial Services Remote Authorization Bypass Vulnerability (CNVD-2019-08546)

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A remote authorization bypass vulnerability exists in SAP Enterprise Financial Services, which could be exploited by an attacker to gain unauthorized access and obtain sensitive information...

8.8CVSS8.8AI score0.01333EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/12 12:0 a.m.3 views

SAP Enterprise Financial Services Remote Authorization Bypass Vulnerability (CNVD-2019-08545)

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A remote authorization bypass vulnerability exists in SAP Enterprise Financial Services, which could be exploited by an attacker to gain unauthorized access and obtain sensitive information...

8.8CVSS8.8AI score0.01333EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/30 12:0 a.m.2 views

McAfee Network Security Manager Remote Authorization Bypass Vulnerability

McAfee Network Security Manager NSM is a network security solution from McAfee that enables real-time monitoring of deployed McAfee intrusion prevention systems across the network. A remote authorization bypass vulnerability exists in McAfee NSM versions prior to 8.2.7.71.1. A remote attacker cou...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2017/11/03 12:0 a.m.4 views

Symantec ProxySG and Advanced Secure Gateway Remote Authorization Bypass Vulnerability

Symantec ProxySG and Advanced Secure Gateway ASG are both security gateway appliances from Symantec USA. A security vulnerability exists in Symantec ProxySG and ASG. A remote attacker could exploit the vulnerability to access the management console functionality...

8CVSS6.9AI score0.02353EPSS
Exploits0References1
Rows per page
Query Builder