112 matches found
PT-2025-32525 · Broadcom · Symantec Pgp Encryption
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: Privilege escalation occurs when a user gains access to more resources or functionality than they are normally permitted. Recommendations: At the moment, ther...
SAMSUNG DMS 安全漏洞
SAMSUNG DMS is a data management server from Samsung South Korea. A security vulnerability exists in SAMSUNG DMS that originates from execution after redirection and could lead to the execution of restricted functionality...
CVE-2025-49991
Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14...
CVE-2024-8322
Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...
CVE-2025-48346
Missing Authorization vulnerability in Embed360 Embed and Integrate Etsy Shop embed-and-integrate-etsy-shop allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Embed and Integrate Etsy Shop: from n/a through = 1.0.8...
CVE-2024-11771
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...
CVE-2024-8181
An Authentication Bypass vulnerability exists in Flowise version 1.8.2. This could allow a remote, unauthenticated attacker to access API endpoints as an administrator and allow them to access restricted functionality...
CVE-2025-24401
CVE-2025-24401 affects the Jenkins Folder-based Authorization Strategy Plugin (versions 217.vd5b_18537403e and earlier). The root cause is that the plugin does not verify that permissions configured to be granted are enabled, potentially letting users who were previously granted optional permissi...
CVE-2024-43341
Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5...
CVE-2024-37463
Missing Authorization vulnerability in CRM Perks CRM Perks Forms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CRM Perks Forms: from n/a through 1.1.5...
CVE-2024-8963
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality...
Ivanti Cloud Services Appliance 安全漏洞
The Ivanti Cloud Services Appliance Ivanti CSA is an Internet application from Ivanti Corporation, USA. It provides secure communications and functionality over the Internet. A security vulnerability exists in the Ivanti Cloud Services Appliance prior to version 4.6 Patch 519, which stems from th...
CVE-2024-8963
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-8322
Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...
CVE-2024-8322
Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...
CVE-2024-8322
Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...
CVE-2024-8322
Weak authentication in Patch Management of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker to access restricted functionality...
CVE-2024-8322
Ivanti Endpoint Manager (EPM) is affected by CVE-2024-8322 due to weak authentication in Patch Management prior to 2022 SU6 or the 2024 September update. The issue allows a remote authenticated attacker to access restricted functionality. Public references describe it as part of a set of EPM vuln...
CVE-2024-43939
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9...