PT-2020-5878

Name of the Vulnerable Software and Affected Versions: NETGEAR JGS516PE versions prior to 2.6.0.43 Description: The issue is related to the lack of access control at the function level in NETGEAR JGS516PE devices. This can be exploited by a remote attacker to cause a denial of service. There is n...

CVE-2020-4348

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414...

Code injection

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414...

CVE-2019-20679

NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level...

CVE-2019-20679

NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level...

CVE-2019-20676

Certain NETGEAR devices are affected by lack of access control at the function level. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before...

CVE-2019-20679

NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level...

CVE-2019-20676

Certain NETGEAR devices are affected by lack of access control at the function level. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before...

CVE-2019-20641

NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level...

CVE-2019-20641

NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level...

Security Bulletin: IBM StoredIQ is affected by a missing function level access control vulnerability (CVE-2019-4163)

Summary IBM StoredIQ has addressed the following vulnerability: Missing function level access control. Vulnerability Details CVEID: CVE-2019-4163 DESCRIPTION: IBM StoreIQ could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view. CVSS...

CVE-2019-4194

IBM Jazz for Service Management versions 1.1.3–1.1.3.2 are affected by a missing function level access control allowing a user to delete authorized resources. Root cause: insufficient access control at function level. Impact: potential deletion of authorized resources. Mitigation: apply the fix 1...

CVE-2019-4194

IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033...

Missing Function Level Access Control

Binary data missingfunclevelaccessctrl.nbin...

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal

Sophos XG Firewall 16.05.4 MR-4 - Path Traversal Vulnerabilities Summary The following advisory describe two 2 vulnerabilities, a Path Traversal and a Missing Function Level Access Control, in Sophos XG Firewall 16.05.4 MR-4. Sophos XG Firewall provides “unprecedented visibility into your network...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

ManageEngine OPutils 8.0 - Multiple Vulnerabilities =================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview ========...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

=================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview ======== Title:- Privilege escalation Vulnerability in...

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications =================================================================================== Privilege escalation Vulnerability in ManageEngine oputils =================================================================================== Overview...

SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-033 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Missing Function Leve...

[SECURITY] Fedora 20 Update: php-pecl-xhprof-0.9.4-1.fc20

XHProf is a function-level hierarchical profiler for PHP. This package provides the raw data collection component, implemented in C as a PHP extension. The HTML based navigational interface is provided in the "xhprof" package...