CVE-2024-46897

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...

CVE-2024-12151

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...

CVE-2024-12149

Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested...

CVE-2024-53258

Autolab is a course management service that enables auto-graded programming assignments. From Autolab versions v.3.0.0 onward students can download all assignments from another student, as long as they are logged in, using the downloadallsubmissions feature. This can allow for leakage of...

CVE-2024-47157

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-47564

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...

CVE-2023-23438

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-23429

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-23427

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-23428

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-51433

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...

CVE-2023-51435

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...

CVE-2023-51429

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...

CVE-2023-51430

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...

CVE-2023-6815

Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...

CVE-2023-38734

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481...

CVE-2023-46142

A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices...

CVE-2023-32749

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...

CVE-2023-23430

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-51431

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...