20 matches found
CVE-2025-47555
Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tutor LMS: from n/a through = 3.9.4...
Quick Heal Antivirus Pro Security Vulnerability
Quick Heal Antivirus Pro is an antivirus software from Quick Heal India. A security vulnerability exists in Quick Heal Antivirus Pro version 24.1.0.182 and prior versions, which stems from the presence of faulty access control that allows an authenticated attacker with low-level privileges to...
Northern.tech Mender Security Vulnerability
Northern.tech Mender is a secure and reliable remote update solution from Northern.tech, Inc. It is suitable for connected devices of any size. A security vulnerability exists in Northern.tech Mender versions prior to 3.6.5 and 3.7.x prior to 3.7.5 that stems from the presence of faulty access...
Bandisoft BandiView Security Vulnerability
Bandisoft BandiView is an image viewer and editor software from the Korean company Bandisoft. A security vulnerability exists in Bandisoft BandiView version 7.05, which stems from the presence of faulty access control via sub0x232bd8, resulting in a denial of service (DoS)...
Kashipara Music Management System Security Vulnerability
Kashipara Music Management System is a music management system from Kashipara. A security vulnerability exists in Kashipara Music Management System version v1.0, which stems from faulty access control in /music/ajax.php?action=deletegenre, which could allow an unauthenticated attacker to delete...
BookStack Security Breach
BookStack is a simple, self-hosted, easy-to-use platform from BookStack, Inc. for organizing and storing information. A security vulnerability exists in BookStack versions prior to v24.05.1 that stems from the presence of faulty access controls that allow an attacker to identify existing system...
Northern.tech Mender security breach
Northern.tech Mender is a secure and reliable remote update solution from Northern.tech, Inc. for connected devices of any size. A security vulnerability exists in Northern.tech Mender that stems from the presence of faulty access control, resulting in an attacker privilege that can be escalated...
Lustre Security Vulnerabilities
Lustre is a Lustre community effort to provide a globally consistent POSIX-compatible distributed parallel file system for large-scale computing systems. A security vulnerability exists in Lustre versions 2.13.x through prior to 2.15.4, which stems from a vulnerability that could allow an attacke...
CVE-2023-48859
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
ieGeek IG20 Security Feature Issue Vulnerability
The ieGeek IG20 is a webcam from ieGeek. A security vulnerability exists in the ieGeek IG20 hipcam RealServer version V1.0, which stems from a predictability flaw in the algorithm that generates the device id uid as a result of its faulty access control, allowing a remote attacker to directly...
IBM Cognos Analytics Security Vulnerability
IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation in the United States. IBM Cognos Analytics versions 11.2.1, 11.2.0 and 11.1.7 contain an information disclosure vulnerability that stems from faulty access controls that could be exploited by a low-level attack...
Sysaid Technologies SysAid Security Vulnerability
Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel. Sysaid Technologies Sysaid suffers from a security vulnerability that stems from faulty access control. An attacker can exploit the vulnerability to receive sensitive data such as server...
Autumn Security Vulnerability
Autumn is a collection of Web subsystems designed to provide general purpose Web system solutions. A security vulnerability exists in Autumn v1.0.4 and earlier versions that stems from incorrect access control. The vulnerability allows remote attackers to obtain plaintext login credentials via th...
Samsung SMR Security Vulnerability
Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A path traversal vulnerability exists in versions prior to SMR APR-2021 Release 1, which stems from faulty access control and can be exploited by an attacker to read or write...
Intel PAC with Arria 10 GX FPGA Elevation of Privilege Vulnerability
Intel PAC with Arria 10 GX FPGA and Intel Acceleration Stack are both products of Intel Corporation, U.S.A. Intel PAC with Arria 10 GX FPGA is a programmable acceleration card that uses Intel Arria 10 GX FPGAs (Field Programmable Gate Arrays). Intel Acceleration Stack is an acceleration stack that...
Grafana Code Issues Vulnerabilities
Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A remote code execution vulnerability exists in the avatar feature in Grafana versions...
ONAP Service Design and Creation Code Injection Vulnerability
ONAP Service Design and Creation (SDC) is a set of visual modeling and design tools for the ONAP project. A code injection vulnerability exists in ONAP SDC Dublin and prior versions that stems from faulty access control. A remote attacker can exploit this vulnerability by accessing port 7000 of the...
ONAP Service Design and Creation Code Injection Vulnerability (CNVD-2020-24673)
ONAP Service Design and Creation (SDC) is a set of visual modeling and design tools for the ONAP project. A code injection vulnerability exists in ONAP SDC Dublin and prior versions that stems from faulty access control. A remote attacker can exploit this vulnerability by accessing port 7001 of the...
DEBIAN-CVE-2017-15914
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3...
IBM Daeja ViewONE Arbitrary File Download Vulnerability
IBM Daeja ViewONE Virtual, Daeja ViewONE Standard, and Daeja ViewONE Professional are all products of IBM Corporation of the U.S.A. IBM Daeja ViewONE Virtual is a document viewer that supports TIFF, PDF, and Office-based documents. IBM Daeja ViewONE Virtual is a document viewer that supports TIFF...