Lucene search
K

1101 matches found

RedhatCVE
RedhatCVE
added 2025/06/29 2:26 p.m.11 views

CVE-2025-53295

Missing Authorization vulnerability in iCount iCount Payment Gateway icount allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iCount Payment Gateway: from n/a through = 2.0.7...

5.3CVSS5.9AI score0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.6 views

PT-2025-27203 · Unknown · Rohil Contact Form – 7 : Hide Success Message

Name of the Vulnerable Software and Affected Versions: Rohil Contact Form – 7 : Hide Success Message versions 1.1.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For...

5.3CVSS6.8AI score0.00257EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/25 4:49 p.m.5 views

CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS7.2AI score0.00202EPSS
Exploits0References3
CVE
CVE
added 2025/06/25 4:49 p.m.27 views

CVE-2025-52889

Incus (system container/VM manager) on versions 6.12–6.13 is vulnerable when an ACL on a bridge-connected device is used: nftables rules for local services can bypass security.mac_filtering, security.ipv4_filtering, and security.ipv6_filtering, enabling DHCP pool exhaustion and potential further ...

3.4CVSS7.2AI score0.00202EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.5 views

PT-2025-26358 · Unknown · Contentstudio

Name of the Vulnerable Software and Affected Versions: ContentStudio versions 1.3.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For ContentStudio versions 1.3.4 and...

5.3CVSS6AI score0.00249EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.6 views

PT-2025-26354 · Unknown · Thanhtungtnt Video List Manager

Name of the Vulnerable Software and Affected Versions: thanhtungtnt Video List Manager versions 1.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For thanhtungtnt Vide...

5.3CVSS6AI score0.00249EPSS
Exploits0References4
NVD
NVD
added 2025/06/17 3:15 p.m.5 views

CVE-2025-49872

Missing Authorization vulnerability in Saad Iqbal myCred mycred allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects myCred: from n/a through = 2.9.4.2...

5.3CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.11 views

CVE-2025-49864 WordPress AFS Analytics plugin <= 4.21 - Broken Access Control Vulnerability

Missing Authorization vulnerability in AFS Analytics AFS Analytics addfreestats allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AFS Analytics: from n/a through = 4.21...

5.3CVSS0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.8 views

PT-2025-25724 · Unknown · Afs Analytics

Name of the Vulnerable Software and Affected Versions: AFS Analytics versions through 4.21 Description: The issue is related to a Missing Authorization vulnerability, where AFS Analytics allows accessing functionality not properly constrained by ACLs. Recommendations: For versions through 4.21,...

5.3CVSS5AI score0.00211EPSS
Exploits0References4
NVD
NVD
added 2025/06/06 1:15 p.m.6 views

CVE-2025-30934

Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン os-diagnosis-generator allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 診断ジェネレータ作成プラグイン: from n/a through = 1.4.16...

5.3CVSS0.00257EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:54 p.m.7 views

CVE-2025-30934 WordPress 診断ジェネレータ作成プラグイン plugin <= 1.4.16 - Broken Access Control Vulnerability

Missing Authorization vulnerability in OLIVESYSTEM 診断ジェネレータ作成プラグイン os-diagnosis-generator allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects 診断ジェネレータ作成プラグイン: from n/a through = 1.4.16...

5.3CVSS5.7AI score0.00257EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 1:15 p.m.6 views

CVE-2025-47558

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...

7.5CVSS0.00365EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:16 a.m.10 views

CVE-2024-53708

Missing Authorization vulnerability in kekotron AI Quiz ai-quiz allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AI Quiz: from n/a through = 1.1...

5.3CVSS7.2AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:59 a.m.7 views

CVE-2023-46630

Improper Authentication vulnerability in wpase Admin and Site Enhancements ASE allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Admin and Site Enhancements ASE: from n/a through 5.7.1...

7.5CVSS6.9AI score0.00447EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:9 a.m.11 views

CVE-2023-51542

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14...

5.3CVSS6.9AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.19 views

CVE-2022-44587

Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3...

7.5CVSS6.9AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.6 views

CVE-2020-5836

Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled...

7.8CVSS6.8AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:36 a.m.8 views

CVE-2018-20895

In cPanel before 71.9980.37, API tokens retain ACLs after those ACLs are removed from the corresponding accounts SEC-393...

7.2CVSS7AI score0.01036EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:32 p.m.7 views

CVE-2005-3177

CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions,...

4.6CVSS6.9AI score0.01376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:31 p.m.12 views

CVE-2005-3168

The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security template to set Access Control Lists ACLs on folders, does not apply ACLs on folders that are listed after a long folder entry, which could result in less secure permissions than specified by the...

7.5CVSS7AI score0.03806EPSS
Exploits0References1
Rows per page
Query Builder