| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data.
This impacts OmniStudio: before version 254. |
| Incorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers to obtain Administrator account access. |
| In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation. |
| The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of private posts and pages. |
| A flaw in Gliffy results in broken authentication through the reset functionality of the application. |
| An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal. |
| CWE-284: Improper Access Control |
| Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the token’s signature, expiration, issuer, or audience. If an attacker learns the victim’s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victim’s password. This issue has been patched in version 4.0.1. |
| Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/auth/index. |
| Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing unautheticated attackers to retrive contents of arbitrary web pages. |
| Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which may prevent any privileged access. This problem has been fixed in version 7.2. Users are advised to upgrade. Users unable to upgrade may address the issue by adding `data__roles__ = ()` to `AccessControl.userfolder.UserFolder`. |
| BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to access the dashboard without valid credentials. Attackers can exploit the vulnerability by sending a crafted payload with '=''or' parameters to bypass login authentication and gain unauthorized access. |
| An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an unauthenticated network-based attacker to cause information disclosure, unintended change of data, or denial of service conditions.
B&R mapp Services is only affected, when mpUserX or mpCodeBox are used in the Automation Studio project. |
| Vite a frontend build tooling framework for javascript. In affected versions the contents of arbitrary files can be returned to the browser. `@fs` denies access to files outside of Vite serving allow list. Adding `?import&raw` to the URL bypasses this limitation and returns the file content if it exists. This issue has been patched in versions 5.4.6, 5.3.6, 5.2.14, 4.5.5, and 3.2.11. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
| A vulnerability classified as critical has been found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names. |
| The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_mail_status' and 'save_email_settings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated attackers to modify WooCommerce settings. |
| Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows exposure of encrypted data.
This impacts OmniStudio: before Spring 2025 |
| Lavasoft Web Companion (also known as Ad-Aware WebCompanion) versions 8.9.0.1091 through 12.1.3.1037 installs the DCIService.exe service with an unquoted service path vulnerability. An attacker with write access to the file system could potentially execute arbitrary code with elevated privileges by placing a malicious executable in the unquoted path. |
| A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 Conference Unit through 5.1.1 SP8 allows an unauthenticated attacker to conduct an unauthorized access attack due to improper access control. A successful exploit could allow an attacker to gain unauthorized access to user information or the system configuration. |
| Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication. |
