Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-23803

Summary
Assigner-snyk
Assigner Org ID-bae035ff-b466-4ff4-94d0-fc9efd9e1730
Published At-17 Dec, 2021 | 20:05
Updated At-16 Sep, 2024 | 17:48
Rejected At-
Credits

Access Control Bypass

This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will bypass these restrictions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:snyk
Assigner Org ID:bae035ff-b466-4ff4-94d0-fc9efd9e1730
Published At:17 Dec, 2021 | 20:05
Updated At:16 Sep, 2024 | 17:48
Rejected At:
▼CVE Numbering Authority (CNA)
Access Control Bypass

This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will bypass these restrictions.

Affected Products
Vendor
n/a
Product
latte/latte
Versions
Affected
  • From unspecified before 2.10.6 (custom)
Problem Types
TypeCWE IDDescription
textN/AAccess Control Bypass
Type: text
CWE ID: N/A
Description: Access Control Bypass
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Jiang
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226
x_refsource_MISC
https://github.com/nette/latte/issues/279
x_refsource_MISC
https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
x_refsource_MISC
Hyperlink: https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226
Resource:
x_refsource_MISC
Hyperlink: https://github.com/nette/latte/issues/279
Resource:
x_refsource_MISC
Hyperlink: https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226
x_refsource_MISC
x_transferred
https://github.com/nette/latte/issues/279
x_refsource_MISC
x_transferred
https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
x_refsource_MISC
x_transferred
Hyperlink: https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/nette/latte/issues/279
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:report@snyk.io
Published At:17 Dec, 2021 | 20:15
Updated At:27 Dec, 2021 | 19:33

This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will bypass these restrictions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

nette
nette
>>latte>>Versions before 2.10.6(exclusive)
cpe:2.3:a:nette:latte:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-863Primarynvd@nist.gov
CWE ID: CWE-863
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210report@snyk.io
Patch
Third Party Advisory
https://github.com/nette/latte/issues/279report@snyk.io
Exploit
Issue Tracking
Patch
Third Party Advisory
https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226report@snyk.io
Exploit
Patch
Third Party Advisory
Hyperlink: https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
Source: report@snyk.io
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/nette/latte/issues/279
Source: report@snyk.io
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://snyk.io/vuln/SNYK-PHP-LATTELATTE-1932226
Source: report@snyk.io
Resource:
Exploit
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

220Records found

CVE-2020-15227
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-35.23% / 98.26%
||
7 Day CHG~0.00%
Published-01 Oct, 2020 | 19:00
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution vulnerability

Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.

Action-Not Available
Vendor-nettenetteDebian GNU/Linux
Product-applicationdebian_linuxapplication
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-16126
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-Not Assigned
Published-18 Jul, 2026 | 15:45
Updated-18 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zevorn rt-claw Swarm RPC Receiver swarm.c handle_rpc_request authorization

A vulnerability was determined in zevorn rt-claw up to 0.2.0. The impacted element is the function handle_rpc_request of the file claw/services/swarm/swarm.c of the component Swarm RPC Receiver. This manipulation causes incorrect authorization. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-zevorn
Product-rt-claw
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-24051
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.73% / 49.95%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute force style attacks.

Action-Not Available
Vendor-connectizen/aconnectize
Product-ac21000_g6_firmwareac21000_g6n/aac21000_g6_firmware
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2023-24052
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.73% / 49.95%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functionality as it does not prompt for the current password.

Action-Not Available
Vendor-connectizen/aconnectize
Product-ac21000_g6_firmwareac21000_g6n/aac21000_g6_firmware
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-28394
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 64.13%
||
7 Day CHG~0.00%
Published-19 Mar, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, Statistics, Custom Fields & Export module.

Action-Not Available
Vendor-n/aadvancedplugins
Product-n/areportsstatistics
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-23594
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.52% / 71.69%
||
7 Day CHG~0.00%
Published-31 Mar, 2023 | 00:00
Updated-18 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes.

Action-Not Available
Vendor-sato-globaln/a
Product-cl4nx_pluscl4nx_plus_firmwaren/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-23924
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-3.57% / 88.07%
||
7 Day CHG~0.00%
Published-31 Jan, 2023 | 23:54
Updated-10 Mar, 2025 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with arbitrary protocols, if they can provide a SVG file to dompdf. In PHP versions before 8.0.0, it leads to arbitrary unserialize, that will lead to the very least to an arbitrary file deletion and even remote code execution, depending on classes that are available.

Action-Not Available
Vendor-dompdf_projectdompdf
Product-dompdfdompdf
CWE ID-CWE-551
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-23653
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.98% / 85.78%
||
7 Day CHG~0.00%
Published-31 Jan, 2024 | 22:03
Updated-23 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BuildKit interactive containers API does not validate entitlements check

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if special `security.insecure` entitlement is enabled both by buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5 . Avoid using BuildKit frontends from untrusted sources.

Action-Not Available
Vendor-mobyprojectmobymobyproject
Product-buildkitbuildkitbuildkit
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-22518
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-10||CRITICAL
EPSS-100.00% / 100.00%
||
7 Day CHG~0.00%
Published-31 Oct, 2023 | 14:30
Updated-24 Oct, 2025 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-11-28||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability.  Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.

Action-Not Available
Vendor-Atlassian
Product-confluence_data_centerconfluence_serverConfluence ServerConfluence Data CenterConfluence Data Center and Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-22480
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-66.77% / 99.21%
||
7 Day CHG~0.00%
Published-14 Jan, 2023 | 00:03
Updated-10 Mar, 2025 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
KubeOperator is vulnerable to unauthorized access to system API

KubeOperator is an open source Kubernetes distribution focused on helping enterprises plan, deploy and operate production-level K8s clusters. In KubeOperator versions 3.16.3 and below, API interfaces with unauthorized entities and can leak sensitive information. This vulnerability could be used to take over the cluster under certain conditions. This issue has been patched in version 3.16.4.

Action-Not Available
Vendor-KubeOperator (FIT2CLOUD Inc.)FIT2CLOUD Inc.
Product-kubeoperatorKubeOperator
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2018-1000155
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.21% / 64.95%
||
7 Day CHG~0.00%
Published-24 May, 2018 | 13:00
Updated-05 Aug, 2024 | 12:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network Instability. This attack appear to be exploitable via Network connectivity: the attacker must first establish a transport connection with the OpenFlow controller and then initiate the OpenFlow handshake.

Action-Not Available
Vendor-opennetworkingn/a
Product-openflown/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-9350
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 19.79%
||
7 Day CHG~0.00%
Published-24 May, 2026 | 02:45
Updated-26 May, 2026 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NousResearch
Product-hermes-agent
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-13258
Matching Score-4
Assigner-Drupal.org
ShareView Details
Matching Score-4
Assigner-Drupal.org
CVSS Score-9.8||CRITICAL
EPSS-0.63% / 46.09%
||
7 Day CHG+0.01%
Published-09 Jan, 2025 | 19:05
Updated-04 Jun, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13.

Action-Not Available
Vendor-rest_\&_json_api_authentication_projectThe Drupal Association
Product-rest_\&_json_api_authenticationDrupal REST & JSON API Authentication
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-7663
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 17.34%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 19:16
Updated-02 Jul, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass

IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint.

Action-Not Available
Vendor-langflowIBM Corporation
Product-langflowLangflow OSS
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2022-46080
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.56% / 83.31%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 00:00
Updated-20 Nov, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET.

Action-Not Available
Vendor-nexxtsolutionsn/anexxtsolutions
Product-nebula1200-acnebula1200-ac_firmwaren/anebula1200-ac
CWE ID-CWE-863
Incorrect Authorization
CVE-2022-22167
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.2||HIGH
EPSS-0.67% / 47.87%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 00:21
Updated-16 Sep, 2024 | 23:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. While JDPI correctly classifies out-of-state asymmetric TCP flows as the dynamic-application UNKNOWN, this classification is not provided to the policy module properly and hence traffic continues to use the pre-id-default-policy, which is more permissive, causing the firewall to allow traffic to be forwarded that should have been denied. This issue only occurs when 'set security flow tcp-session no-syn-check' is configured on the device. This issue affects Juniper Networks Junos OS on SRX Series: 18.4 versions prior to 18.4R2-S10, 18.4R3-S10; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345srx5800srx380srx110srx4000srx4200srx340srx550_hmsrx4100srx220srx240h2srx240srx3600srx5000srx5400srx1400srx100srx3400srx300srx550srx320srx5600junossrx650srx210srx4600srx550msrx1500Junos OS
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-10173
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.70% / 49.12%
||
7 Day CHG~0.00%
Published-20 Oct, 2024 | 05:00
Updated-22 Oct, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
didi DDMQ Console Module improper authentication

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input /;login leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-didiglobaldidididi
Product-ddmqDDMQddmq
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-863
Incorrect Authorization
CVE-2016-20002
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 64.18%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 23:27
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.

Action-Not Available
Vendor-rest\/json_projectn/a
Product-rest\/jsonn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2016-20005
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 64.18%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 23:26
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.

Action-Not Available
Vendor-rest\/json_projectn/a
Product-rest\/jsonn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2016-20004
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 64.18%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 23:27
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.

Action-Not Available
Vendor-rest\/json_projectn/a
Product-rest\/jsonn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2016-20001
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 64.18%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 23:27
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.

Action-Not Available
Vendor-rest\/json_projectn/a
Product-rest\/jsonn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-6036
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-1.77% / 75.67%
||
7 Day CHG~0.00%
Published-12 Feb, 2024 | 16:06
Updated-06 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass

The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.

Action-Not Available
Vendor-miniorangeUnknown
Product-web3_-_crypto_wallet_login_\&_nft_token_gatingWeb3
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2023-5521
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.3||HIGH
EPSS-0.58% / 43.95%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 12:00
Updated-18 Sep, 2024 | 15:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authorization in tiann/kernelsu

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9.

Action-Not Available
Vendor-kernelsutianntiann
Product-kernelsutiann/kernelsukernelsu
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32619
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.11% / 62.33%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 21:00
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Static imports inside dynamically imported modules do not adhere to permission checks

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2.

Action-Not Available
Vendor-denodenoland
Product-denodeno
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-16114
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.78% / 90.92%
||
7 Day CHG~0.00%
Published-09 Sep, 2019 | 12:15
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ATutor 2.2.4, an unauthenticated attacker can change the application settings and force it to use his crafted database, which allows him to gain access to the application. Next, he can change the directory that the application uploads files to, which allows him to achieve remote code execution. This occurs because install/include/header.php does not restrict certain changes (to db_host, db_login, db_password, and content_dir) within install/include/step5.php.

Action-Not Available
Vendor-atutorn/a
Product-atutorn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32777
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-3.33% / 87.23%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 20:25
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect concatenation of multiple value request headers in ext-authz extension

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However, only the last header value is sent. This may allow specifically crafted requests to bypass authorization. Attackers may be able to escalate privileges when using ext-authz extension or back end service that uses multiple value headers for authorization. A specifically constructed request may be delivered by an untrusted downstream peer in the presence of ext-authz extension. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to the ext-authz extension to correctly merge multiple request header values, when sending request for authorization.

Action-Not Available
Vendor-envoyproxyenvoyproxy
Product-envoyenvoy
CWE ID-CWE-551
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32779
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.95% / 57.21%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 20:45
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrectly handling of URI '#fragment' element as part of the path element

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with an explicit case of a final "/admin" path element, or is using a negative assertion with final path element of "/admin". The client sends request to "/app1/admin#foo". In Envoy prior to 1.18.0, or 1.18.0+ configured with path_normalization=false. Envoy treats fragment as a suffix of the query string when present, or as a suffix of the path when query string is absent, so it evaluates the final path element as "/admin#foo" and mismatches with the configured "/admin" path element. In Envoy 1.18.0+ configured with path_normalization=true. Envoy transforms this to /app1/admin%23foo and mismatches with the configured /admin prefix. The resulting URI is sent to the next server-agent with the offending "#foo" fragment which violates RFC3986 or with the nonsensical "%23foo" text appended. A specifically constructed request with URI containing '#fragment' element delivered by an untrusted client in the presence of path based request authorization resulting in escalation of Privileges when path based request authorization extensions. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes that removes fragment from URI path in incoming requests.

Action-Not Available
Vendor-envoyproxyenvoyproxy
Product-envoyenvoy
CWE ID-CWE-551
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-697
Incorrect Comparison
CVE-2019-15941
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.20% / 80.50%
||
7 Day CHG~0.00%
Published-25 Sep, 2019 | 19:39
Updated-28 May, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the target RP, and no filtering on redirection URIs.

Action-Not Available
Vendor-lemonldap-ngn/aDebian GNU/Linux
Product-debian_linuxlemonldap\n/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32163
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 57.12%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-18 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-modular_open_smart_networkn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32986
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.07% / 61.07%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 19:45
Updated-16 Apr, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Automation Direct CLICK PLC CPU Modules Authentication Bypass Using an Alternate Path or Channel

After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without authorization. The PLC is only relocked by a power cycle, or when the programming software disconnects correctly.

Action-Not Available
Vendor-AutomationDirect
Product-c0-12dd1e-d_firmwarec0-10dd1e-dc0-12dd1e-1-dc0-11dd1e-dc0-11dre-d_firmwarec0-12are-1-dc0-11dd2e-d_firmwarec0-10dd1e-d_firmwarec0-11dd2e-dc0-12dre-2-dc0-12are-d_firmwarec0-12dd2e-d_firmwarec0-12dre-dc0-12are-2-dc0-10dre-d_firmwarec0-12dd1e-dc0-11dre-dc0-10dre-dc0-11are-dc0-12dd2e-dc0-12dd1e-2-d_firmwarec0-12dd1e-1-d_firmwarec0-12dre-d_firmwarec0-12are-2-d_firmwarec0-12dd2e-2-d_firmwarec0-12dd2e-1-d_firmwarec0-11dd1e-d_firmwarec0-12dd1e-2-dc0-12dd2e-1-dc0-10dd2e-dc0-12dre-2-d_firmwarec0-11are-d_firmwarec0-10are-d_firmwarec0-10dd2e-d_firmwarec0-12dd2e-2-dc0-12are-1-d_firmwarec0-12dre-1-d_firmwarec0-12dre-1-dc0-10are-dc0-12are-dCLICK PLC CPU Modules: C0-1x CPUs
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-54803
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 36.36%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 09:51
Updated-17 Jun, 2026 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Privilege Escalation vulnerability

Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions.

Action-Not Available
Vendor-Cozy Vision Technologies Pvt. Ltd.
Product-SMS Alert Order Notifications
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-52077
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.9||HIGH
EPSS-0.69% / 48.78%
||
7 Day CHG~0.00%
Published-27 Dec, 2023 | 18:45
Updated-02 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
External apps using tokens issued by administrators and moderators can call admin APIs

Nexkey is a lightweight fork of Misskey v12 optimized for small to medium size servers. Prior to 12.23Q4.5, Nexkey allows external apps using tokens issued by administrators and moderators to call admin APIs. This allows malicious third-party apps to perform operations such as updating server settings, as well as compromise object storage and email server credentials. This issue has been patched in 12.23Q4.5.

Action-Not Available
Vendor-nexryainexryai
Product-nexkeynexkey
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-15900
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.11% / 79.70%
||
7 Day CHG~0.00%
Published-18 Oct, 2019 | 15:41
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root.

Action-Not Available
Vendor-doas_projectn/a
Product-doasn/a
CWE ID-CWE-252
Unchecked Return Value
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2021-28911
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 73.92%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 17:45
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access.

Action-Not Available
Vendor-bab-technologien/a
Product-eibport_firmwareeibportn/a
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2021-28793
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.63% / 73.54%
||
7 Day CHG~0.00%
Published-20 Apr, 2021 | 12:36
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.

Action-Not Available
Vendor-lextudion/a
Product-restructuredtextn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-55213
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.29% / 21.44%
||
7 Day CHG~0.00%
Published-18 Aug, 2025 | 19:23
Updated-14 Jan, 2026 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenFGA Authorization Bypass (Check)

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 ( openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This vulnerability is fixed in 1.9.5.

Action-Not Available
Vendor-openfgaopenfga
Product-openfgahelm_chartsopenfga
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-3963
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.54% / 41.88%
||
7 Day CHG~0.00%
Published-27 Apr, 2025 | 07:31
Updated-12 May, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
withstars Books-Management-System Background Interface list authorization

A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of the component Background Interface. The manipulation leads to missing authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-withstarswithstars
Product-books-management-systemBooks-Management-System
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-51405
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-8.2||HIGH
EPSS-0.66% / 47.26%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 16:03
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability

Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74.

Action-Not Available
Vendor-reputeinfosystemsRepute Infosystems
Product-bookingpressBookingPress
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-3960
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.54% / 41.88%
||
7 Day CHG~0.00%
Published-27 Apr, 2025 | 06:00
Updated-12 May, 2025 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
withstars Books-Management-System Background Interface allreaders.html authorization

A vulnerability was found in withstars Books-Management-System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /allreaders.html of the component Background Interface. The manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-withstarswithstars
Product-books-management-systemBooks-Management-System
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-5009
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-9.6||CRITICAL
EPSS-8.26% / 94.28%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 07:01
Updated-02 May, 2026 | 04:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2.7, all versions starting from 16.3 before 16.3.4. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan policies. This was a bypass of [CVE-2023-3932](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3932) showing additional impact.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-27177
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-19.73% / 97.10%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 18:34
Updated-03 Aug, 2024 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server.

Action-Not Available
Vendor-fiberhomen/a
Product-hg6245dhg6245d_firmwaren/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-27645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 53.50%
||
7 Day CHG~0.00%
Published-05 Mar, 2025 | 00:00
Updated-03 Nov, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Insecure Extension Installation by Trusting HTTP Permission Methods on the Server Side V-2024-005.

Action-Not Available
Vendor-printerlogicn/a
Product-vasion_printvirtual_appliancen/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-22389
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 49.95%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:43
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-32748
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.90% / 55.66%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 00:00
Updated-09 Oct, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control.

Action-Not Available
Vendor-n/aMitel Networks Corp.
Product-mivoice_connectn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-21693
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-9.8||CRITICAL
EPSS-1.50% / 71.48%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 00:00
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When creating temporary files, agent-to-controller access to create those files is only checked after they've been created in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.

Action-Not Available
Vendor-Jenkins
Product-jenkinsJenkins
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-20149
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.43% / 70.07%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 21:31
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN interface. The default iptables ruleset for governing access to services on the device only apply to IPv4. All services running on the devices are accessible via the WAN interface via IPv6 by default.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827druTrendnet AC2600 TEW-827DRU
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-14813
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-11.40% / 95.51%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 13:27
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.openSUSEFedora ProjectArtifex Software Inc.
Product-enterprise_linux_serverdebian_linuxenterprise_linux_server_eusghostscriptopenshift_container_platformenterprise_linux_server_ausenterprise_linuxenterprise_linux_workstationfedoraenterprise_linux_server_tusenterprise_linux_desktopleapghostscript
CWE ID-CWE-648
Incorrect Use of Privileged APIs
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-40309
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-9.8||CRITICAL
EPSS-0.75% / 50.74%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 02:21
Updated-28 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authorization check in SAP CommonCryptoLib

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.

Action-Not Available
Vendor-SAP SE
Product-extended_application_services_and_runtimecommoncryptolibcontent_servernetweaver_application_server_abapnetweaver_application_server_javaweb_dispatchersapssoexthost_agenthana_databaseSAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premiseSAP HANA DatabaseSAP CommonCryptoLibSAPSSOEXTSAP Host AgentSAP Extended Application Services and Runtime (XSA)SAP Web DispatcherSAP Content Server
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-8086
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.56% / 72.51%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 16:15
Updated-04 Aug, 2024 | 09:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.

Action-Not Available
Vendor-prosodyn/aDebian GNU/Linux
Product-mod_auth_ldap2debian_linuxmod_auth_ldapn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-4877
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.3||HIGH
EPSS-0.90% / 55.58%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 17:20
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using public fields in public classes. IBM X-Force ID: 190843.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowscognos_controllerCognos Controller
CWE ID-CWE-863
Incorrect Authorization
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found