CVE-2024-12307

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

CVE-2024-12307 Function-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in Unifiedtransform

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

Mozilla: Missing Function Level Access Control in Mozilla formula containsRegular Expression Denial of Service (CVE-2023-25166)

Vulnerability description not provided...

CVE-2020-4348

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414...

Code injection

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414...

Security Bulletin: IBM StoredIQ is affected by a missing function level access control vulnerability (CVE-2019-4163)

Summary IBM StoredIQ has addressed the following vulnerability: Missing function level access control. Vulnerability Details CVEID: CVE-2019-4163 DESCRIPTION: IBM StoreIQ could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. CVSS...

CVE-2019-4194

IBM Jazz for Service Management versions 1.1.3–1.1.3.2 are affected by a missing function level access control allowing a user to delete authorized resources. Root cause: insufficient access control at function level. Impact: potential deletion of authorized resources. Mitigation: apply the fix 1...

CVE-2019-4194

IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033...

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal Vulnerabilities Summary The following advisory describe two 2 vulnerabilities, a Path Traversal and a Missing Function Level Access Control, in Sophos XG Firewall 16.05.4 MR-4. Sophos XG Firewall provides “unprecedented visibility into your network...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

ManageEngine OPutils 8.0 - Multiple Vulnerabilities =================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview ========...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

=================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview ======== Title:- Privilege escalation Vulnerability in...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications =================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview...