207 matches found
CVE-2022-4613
A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. This issue affects some unknown processing of the component Browser Extension Provisioning. The manipulation leads to improper authorization. The attack may be initiated...
Authorization
A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched...
CVE-2022-33174
Power Distribution Units running on Powertek firmware multiple brands before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an emp...
CVE-2022-33174
Power Distribution Units running on Powertek firmware multiple brands before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an emp...
CVE-2022-2019
A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php?f=save of the component New User Creation. The manipulation leads to improper authorization. The attack can be...
Aruba ClearPass Policy Manager Remote Authorization Bypass Vulnerability
Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a remote authorization bypass vulnerability, which can be exploited by attackers to bypass authorization...
CVE-2022-23669
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
Aruba ClearPass Policy Manager 代码问题漏洞
Aruba ClearPass Policy Manager is an application of the U.S. company Aruba to provide wireless network security access management system Aruba ClearPass Policy Manager has a remote authorization bypass vulnerability, which can be exploited by attackers to bypass authorization...
PT-2022-16179 · Aruba · Aruba Clearpass Policy Manager
Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.4 and below Aruba ClearPass Policy Manager versions 6.9.9 and below Aruba ClearPass Policy Manager versions 6.8.9-HF2 and below Aruba ClearPass Policy Manager versions 6.7.x and below Description: ...
CVE-2021-41298 ECOA BAS controller - Improper Access Control
ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden...
SAP Leasing CVE-2020-6306 Remote Authorization Bypass Vulnerability
Description SAP Leasing is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected SAP Leasing 6.0 SAP Leasing 6.02 SAP Leasing 6.0...
SAP NetWeaver Process Integration CVE-2019-0367 Remote Authorization Bypass Vulnerability
Description SAP NetWeaver Process Integration is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. SAP NetWeaver Process Integration versions 1.0 and 2.0 are vulnerable...
CVE-2019-5402
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2019-5405
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2019-5405
CVE-2019-5405 concerns a remote authorization bypass in HPE 3PAR StoreServ Management Console (SSMC) and Core Software Media, affecting versions prior to 3.5.0.1. The available connected records describe an authorization bypass vulnerability in the HPE 3PAR StoreServ management/console components...
CVE-2019-5402
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
SAP Enterprise Financial Services Remote Authorization Bypass Vulnerability (CNVD-2019-08546)
SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A remote authorization bypass vulnerability exists in SAP Enterprise Financial Services, which could be exploited by an attacker to gain unauthorized access and obtain sensitive information...
SAP Enterprise Financial Services Remote Authorization Bypass Vulnerability (CNVD-2019-08545)
SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A remote authorization bypass vulnerability exists in SAP Enterprise Financial Services, which could be exploited by an attacker to gain unauthorized access and obtain sensitive information...
McAfee Network Security Manager Remote Authorization Bypass Vulnerability
McAfee Network Security Manager NSM is a network security solution from McAfee that enables real-time monitoring of deployed McAfee intrusion prevention systems across the network. A remote authorization bypass vulnerability exists in McAfee NSM versions prior to 8.2.7.71.1. A remote attacker cou...
Symantec ProxySG and Advanced Secure Gateway Remote Authorization Bypass Vulnerability
Symantec ProxySG and Advanced Secure Gateway ASG are both security gateway appliances from Symantec USA. A security vulnerability exists in Symantec ProxySG and ASG. A remote attacker could exploit the vulnerability to access the management console functionality...