194 matches found
CVE-2023-30476 WordPress Blogger Buzz theme <= 1.2.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sparkle Themes Blogger Buzz allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blogger Buzz: from n/a through 1.2.2...
CVE-2023-50884 WordPress LA-Studio Element Kit for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LA-Studio Element Kit for Elementor: from n/a through <= 1.1.5...
CVE-2024-10776
CVE-2024-10776 concerns SICK InspectorP61x/InspectorP62x (and related TiM3xx in SICK PSIRT context) where Lua apps can be deployed, removed, started, reloaded or stopped without authorization through AppManager. This leads to DoS by removing legitimate apps, plus reading/writing files or loading ...
IBM Security SOAR Authorization Issues Vulnerability
IBM Security SOAR is a product from International Business Machines (IBM), formerly known as Resilient, designed to help your security team confidently respond to cyber threats, automate through intelligence, and collaborate through consistency. IBM Security SOAR has an authorization issue...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-2643)
The remote host is missing an update for the Huawei EulerOS...
Improper Access Control
S3 Gateway is vulnerable to Improper Access Control. The vulnerability is due to inadequate authorization checks, allowing authenticated users to send requests to the delete-objects API and delete files they are not authorized to access...
EulerOS 2.0 SP8 : sssd (EulerOS-SA-2024-2492)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-2492)
The remote host is missing an update for the Huawei EulerOS...
Lenovo XClarity Administrator (LXCA) Vulnerabilities - Lenovo Support US
No description provided...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-2317)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP12 : sssd (EulerOS-SA-2024-2251)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...
EulerOS Virtualization 2.10.1 : sssd (EulerOS-SA-2024-2149)
According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to...
EulerOS 2.0 SP8 : sssd (EulerOS-SA-2024-2054)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...
SAP Commerce Authorization Issues Vulnerability (CNVD-2024-36346)
SAP Commerce is a cloud-based e-commerce platform from Germany's SAP. This product supports sales management, marketing management, order management and operations management. SAP Commerce suffers from an authorization issue vulnerability that originates from a user being able to abuse the...
SolarWinds Access Rights Manager Authorization Issues Vulnerability (CNVD-2024-34980)
SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. An authorization issue vulnerability exists in SolarWinds Access Rights Manager, which can be exploited by an attacker to abuse the SolarWinds service to remotely execute code...
Duplicate Advisory: CVE-2024-5138: snapd snapctl auth bypass
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-p9v8-q5m4-pf46. This link is maintained to preserve external references. Original Description: The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privilege...
SAP My Travel Requests Authorization Issues Vulnerability
SAP My Travel Requests is a transactional application from SAP, USA. An authorization issue vulnerability exists in SAP My Travel Requests, which stems from a failure to perform the required authorization checks on authenticated users, and can be exploited by an attacker to cause an escalation of...
OpenCTI Authorization Issues Vulnerabilities
OpenCTI is OpenCTI's open cyber threat intelligence platform. An authorization issue vulnerability exists in OpenCTI version 5.12.31 and prior versions, which stems from a lack of certain security controls in the profile editing functionality, and can be exploited by an authenticated,...
sssd: Race condition during authorization leads to GPO policies functioning inconsistently
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately...
CentOS 8 : sssd (CESA-2024:3270)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3270 advisory. - A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization...