| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. |
| Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65. |
| The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints.
|
| The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint |
| In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json. |
| Plane version 0.7.1 allows an unauthenticated attacker to view all stored server files of all users. |
| Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4. |
| A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
| An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. |
| In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp. |
| Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse.This issue affects Calculated Fields Form: from n/a through 1.1.120. |
| Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. |
