87 matches found
CVE-2025-62977
Missing Authorization vulnerability in 沃之涛 百度站长SEO合集支持百度/神马/Bing/头条推送 baiduseo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 百度站长SEO合集支持百度/神马/Bing/头条推送: from n/a through = 2.1.4...
The vulnerability of the Jenkins automation server allows a hacker to gain unauthorized access to functions that would otherwise be restricted.
The vulnerability of the Jenkins automation server is related to improper access control. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to functions that would otherwise be restricted...
CVE-2025-49925
Missing Authorization vulnerability in VibeThemes WPLMS wplmsplugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through = 1.9.9.7...
CVE-2025-49925
Missing Authorization vulnerability in VibeThemes WPLMS wplmsplugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through = 1.9.9.7...
EUVD-2020-27470
Malware in sbrugna...
EUVD-2021-20381
Malware in sbrugna...
EUVD-2025-28498
Malicious code in bioql PyPI...
EUVD-2022-48738
Malicious code in bioql PyPI...
EUVD-2023-58745
Malicious code in bioql PyPI...
CVE-2025-6724
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...
CVE-2025-42915
Fiori app Manage Payment Blocks does not perform the necessary authorization checks, allowing an attacker with basic user privileges to abuse functionalities that should be restricted to specific user groups.This issue could impact both the confidentiality and integrity of the application without...
CVE-2025-42915
Fiori app Manage Payment Blocks does not perform the necessary authorization checks, allowing an attacker with basic user privileges to abuse functionalities that should be restricted to specific user groups.This issue could impact both the confidentiality and integrity of the application without...
CVE-2025-42915 Missing Authorization Check in Fiori app (Manage Payment Blocks)
Fiori app Manage Payment Blocks does not perform the necessary authorization checks, allowing an attacker with basic user privileges to abuse functionalities that should be restricted to specific user groups.This issue could impact both the confidentiality and integrity of the application without...
CVE-2025-42915 Missing Authorization Check in Fiori app (Manage Payment Blocks)
Fiori app Manage Payment Blocks does not perform the necessary authorization checks, allowing an attacker with basic user privileges to abuse functionalities that should be restricted to specific user groups.This issue could impact both the confidentiality and integrity of the application without...
CVE-2025-42915
CVE-2025-42915 affects the SAP Fiori app Manage Payment Blocks . The root cause is missing authorization checks, permitting an attacker with basic user privileges to abuse functions restricted to specific user groups. Impact is limited to confidentiality and integrity (no availability impact stat...
CVE-2025-54710
Missing Authorization vulnerability in bPlugins Tiktok Feed b-tiktok-feed allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Tiktok Feed: from n/a through = 1.0.21...
CVE-2025-49406
CVE-2025-49406 concerns the WordPress Houzez theme (
WordPress plugin The E-Commerce ERP 安全漏洞
WordPress The E-Commerce ERP is a comprehensive management system designed for small and medium-sized enterprises, integrating financial management, human resources management, procurement management, sales management, inventory management and production management, helping enterprises to optimiz...
CVE-2025-40667
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to access any functionality of the application even when they are not available through the user interface. To exploit the vulnerability the attacker must modify the HTTP code of the response from ‘302...
CVE-2024-56273
Missing Authorization vulnerability in wpvividplugins WPvivid Backup and Migration wpvivid-backuprestore allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Migration: from n/a through = 0.9.106...