Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2025/04/11 12:0 a.m.1 views

PT-2025-16017 · W. W. Norton · W. W. Norton Inquizitive

Name of the Vulnerable Software and Affected Versions: W. W. Norton InQuizitive versions through 2025-04-08 Description: The issue allows students to insert arbitrary records of their quiz performance into the backend due to the existence of only client-side access control. This is related to a...

7.7CVSS6.3AI score0.00172EPSS
Exploits1References7
CVE
CVEadded 2025/04/11 12:0 a.m.52 views

CVE-2025-32808

Affected software: W. W. Norton InQuizitive (through 2025-04-08). The vulnerability arises from client-side access control, allowing a student to insert arbitrary quiz records into the backend, with integrity impact (I=HIGH) and no confidentiality impact (C=NONE). CVSS details: CVSS 3.1 base scor...

7.7CVSS7AI score0.00172EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/04/11 12:0 a.m.6 views

CVE-2025-32808

W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their quiz performance into the backend, because only client-side access control exists...

7.7CVSS7.6AI score0.00172EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2025/03/28 12:0 a.m.5 views

Devolutions Remote Desktop < 2024.3.31 / 2025.x < 2025.1.26 multiple vulnerabilities (DEVO-2025-0005)

The version of Devolutions Remote Desktop Manager installed on the remote host is prior to 2024.3.31 / 2025.1.26 and is, therefore, affected by multiple vulnerabilities: - Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An...

6.8CVSS5.6AI score0.00292EPSS
Exploits0References5
Prion
Prionadded 2018/12/26 9:29 p.m.10 views

Design/Logic Flaw

An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element...

6.8CVSS7.9AI score0.02635EPSS
Exploits4References5Affected Software1
Cvelist
Cvelistadded 2018/12/26 8:0 p.m.14 views

CVE-2018-19616

An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element...

7AI score0.02635EPSS
Exploits4References5
CVE
CVEadded 2013/01/31 11:0 a.m.57 views

CVE-2012-0701

CVE-2012-0701 : The IBM InfoSphere DataStage client in Information Server 8.1, 8.5 (before FP3), and 8.7 relies on client-side access control, enabling remote authenticated users to escalate privileges via unspecified vectors. Remediation (per IBM Security Bulletin): for 8.1, install Fix Pack 2 a...

6.5CVSS6.4AI score0.00349EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder