Lucene search
K

63254 matches found

Nuclei
Nuclei
added yesterday29 views

Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control

Dapr Dashboard 0.1.0 through 0.10.0 is susceptible to improper access control. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-38817 info: name: Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control author: For3stCo1d...

7.5CVSS7.1AI score0.02941EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday13 views

vCenter Server - Improper Access Control

Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed. id: CVE-2021-22017 info: name:...

5.3CVSS7AI score0.47642EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday15 views

VMware vRealize Log Insight - Improper Access Control to RCE

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. id: CVE-2022-31704 info: name: VMware vRealize Log Insight - Improper Acces...

9.8CVSS7.6AI score0.81011EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday155 views

Adobe Connect < 12.1.5 - Local File Disclosure

Adobe Connect versions 11.4.5 and earlier, 12.1.5 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not...

5.3CVSS6.2AI score0.81875EPSS
Exploits4References4
Nuclei
Nuclei
added yesterday44 views

WAVLINK WN535 G3 - Improper Access Control

WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi-bin/ExportAllSettings.sh allows an attacker to execute arbitrary code via a crafted POST request and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized...

7.5CVSS7.4AI score0.02995EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday85 views

WordPress WPQA <5.5 - Improper Access Control

WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site. id: CVE-2022-1598 info: name: WordPress WPQA 5.5 - Improper Access Control...

5.3CVSS6.2AI score0.05591EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday52 views

WAVLINK WN530HG4 - Improper Access Control

WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. It contains a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh. An attacker can possibly obtain sensitive information, modify data, and/or execute...

9.8CVSS7.2AI score0.02415EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added yesterday9 views

Security Bulletin: Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[CVE-2023-38265, CVE-2023-38005]

Summary Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect Cloud Pak System respectively. IBM Cloud Pak System could allow an authenticated user to perform unauthorized tasks due to improper access controls , and disclose folder location informati...

5.3CVSS5.9AI score0.00207EPSS
Exploits0Affected Software2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-58523

Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network...

6.5CVSS5.9AI score0.00497EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-58282

Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score0.00385EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2 days ago4 views

Microsoft Edge for Android Security Feature Bypass Vulnerability

Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network...

6.5CVSS5.9AI score0.00497EPSS
Exploits0
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41444

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network...

4.8CVSS5.8AI score0.00326EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-55632

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper access control allows an unauthorized attacker to perform spoofing over a network. Spoofing is a technique where a person or program successfully masquerades as...

8.1CVSS6AI score0.00385EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-55659

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description Improper access control allows an unauthorized attacker to bypass a security feature over a network. Recommendations At the moment, there is no information about a newer...

6.5CVSS5.9AI score0.00497EPSS
Exploits0References4
NVD
NVD
added 3 days ago7 views

CVE-2026-55116

A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

9CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-55119

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application...

8.1CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 3 days ago8 views

CVE-2026-55114

A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.8CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-55112

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device...

7.5CVSS0.0019EPSS
Exploits0References1
NVD
NVD
added 3 days ago9 views

CVE-2026-55118

A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi Network Application to escalate privileges within the UniFi Network Application...

8.3CVSS0.00195EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-54407

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication in certain UniFi Protect Application API endpoints...

8.6CVSS0.00306EPSS
Exploits0References1
Rows per page
Query Builder