CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

CVE-2026-1411

CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

EUVD-2026-4685

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

WordPress plugin HomeLancer has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2023-4546

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed...

CVE-2023-40371

IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476...

CVE-2020-7294

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface...

CVE-2024-41773

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls...

CVE-2023-29130

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.5. Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control...

CVE-2023-31003

IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658...

CVE-2024-2281

A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated...

CVE-2025-15084

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

EUVD-2025-205383

A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java of the component Order Payment Handler. The manipulation leads to...

PT-2025-53407

Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description An issue exists in youlaitech youlai-mall that relates to improper access controls. The affected component is the Order Payment Handler, specifically within the...

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

CVE-2025-14749

CVE-2025-14749 affects Ningyuanda TC155, version 57.0.2.0, specifically the ONVIF PTZ Control Interface component via the file /onvif/device_service. Root cause: improper access controls leading to unauthorized access. Attack requires local network access; exploit is publicly available. Implicati...

PT-2025-51365

Name of the Vulnerable Software and Affected Versions Ningyuanda TC155 version 57.0.2.0 Description A flaw exists within the ONVIF PTZ Control Interface component of Ningyuanda TC155 version 57.0.2.0, specifically concerning the file /onvif/device service. This issue results in improper access...