Export limit exceeded: 34622 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9597 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-48488 | 1 Huawei | 1 Emui | 2024-12-16 | 5.3 Medium |
| Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the desktop. | ||||
| CVE-2024-55998 | 2024-12-16 | 5.4 Medium | ||
| Missing Authorization vulnerability in dusthazard Popup Surveys & Polls for WordPress (Mare.io) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Surveys & Polls for WordPress (Mare.io): from n/a through 1.36. | ||||
| CVE-2024-55994 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in 搜狐畅言 畅言评论系统 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 畅言评论系统: from n/a through 2.0.5. | ||||
| CVE-2024-55992 | 2024-12-16 | 5.4 Medium | ||
| Missing Authorization vulnerability in Open Tools WooCommerce Basic Ordernumbers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Basic Ordernumbers: from n/a through 1.4.4. | ||||
| CVE-2024-54384 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in eLightUp Falcon – WordPress Optimizations & Tweaks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Falcon – WordPress Optimizations & Tweaks: from n/a through 2.8.3. | ||||
| CVE-2024-55996 | 2024-12-16 | 6.1 Medium | ||
| Missing Authorization vulnerability in Dreamfox Dreamfox Media Payment gateway per Product for Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dreamfox Media Payment gateway per Product for Woocommerce: from n/a through 3.5.6. | ||||
| CVE-2023-51380 | 1 Github | 1 Enterprise Server | 2024-12-16 | 2.7 Low |
| An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | ||||
| CVE-2023-51379 | 1 Github | 1 Enterprise Server | 2024-12-16 | 4.9 Medium |
| An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read permissions. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | ||||
| CVE-2024-0038 | 1 Google | 1 Android | 2024-12-16 | 7.8 High |
| In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-41866 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in Team Plugins360 Automatic YouTube Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic YouTube Gallery: from n/a through 2.3.3. | ||||
| CVE-2023-41869 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.4. | ||||
| CVE-2023-41951 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through 4.6.14. | ||||
| CVE-2024-56009 | 2024-12-16 | 5.3 Medium | ||
| Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4. | ||||
| CVE-2024-55993 | 2024-12-16 | 5.3 Medium | ||
| Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Job Board Manager: from n/a through 2.1.60. | ||||
| CVE-2024-54369 | 2024-12-16 | 9.1 Critical | ||
| Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2. | ||||
| CVE-2024-56003 | 2024-12-16 | 4.3 Medium | ||
| Missing Authorization vulnerability in David Cramer Caldera SMTP Mailer.This issue affects Caldera SMTP Mailer: from n/a through 1.0.1. | ||||
| CVE-2024-55999 | 2024-12-16 | 5.3 Medium | ||
| Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through 2.0.6. | ||||
| CVE-2024-31134 | 1 Jetbrains | 1 Teamcity | 2024-12-16 | 6.5 Medium |
| In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled | ||||
| CVE-2024-36365 | 1 Jetbrains | 1 Teamcity | 2024-12-16 | 6.8 Medium |
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent | ||||
| CVE-2024-36364 | 1 Jetbrains | 1 Teamcity | 2024-12-16 | 6.5 Medium |
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible | ||||