63254 matches found
Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control
Dapr Dashboard 0.1.0 through 0.10.0 is susceptible to improper access control. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-38817 info: name: Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control author: For3stCo1d...
vCenter Server - Improper Access Control
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed. id: CVE-2021-22017 info: name:...
VMware vRealize Log Insight - Improper Access Control to RCE
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. id: CVE-2022-31704 info: name: VMware vRealize Log Insight - Improper Acces...
Adobe Connect < 12.1.5 - Local File Disclosure
Adobe Connect versions 11.4.5 and earlier, 12.1.5 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not...
WAVLINK WN535 G3 - Improper Access Control
WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi-bin/ExportAllSettings.sh allows an attacker to execute arbitrary code via a crafted POST request and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized...
WordPress WPQA <5.5 - Improper Access Control
WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site. id: CVE-2022-1598 info: name: WordPress WPQA 5.5 - Improper Access Control...
WAVLINK WN530HG4 - Improper Access Control
WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. It contains a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh. An attacker can possibly obtain sensitive information, modify data, and/or execute...
Security Bulletin: Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[CVE-2023-38265, CVE-2023-38005]
Summary Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect Cloud Pak System respectively. IBM Cloud Pak System could allow an authenticated user to perform unauthorized tasks due to improper access controls , and disclose folder location informati...
CVE-2026-58523
Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-58282
Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Microsoft Edge for Android Security Feature Bypass Vulnerability
Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network...
EUVD-2026-41444
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...
PT-2026-55632
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper access control allows an unauthorized attacker to perform spoofing over a network. Spoofing is a technique where a person or program successfully masquerades as...
PT-2026-55659
Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description Improper access control allows an unauthorized attacker to bypass a security feature over a network. Recommendations At the moment, there is no information about a newer...
CVE-2026-55116
A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...
CVE-2026-55119
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...
CVE-2026-55114
A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...
CVE-2026-55112
A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device...
CVE-2026-55118
A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...
CVE-2026-54407
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...