Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-46811

Summary
Assigner-suse
Assigner Org ID-404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At-30 Jul, 2025 | 14:20
Updated At-26 Feb, 2026 | 17:50
Rejected At-
Credits

SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint

A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:suse
Assigner Org ID:404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At:30 Jul, 2025 | 14:20
Updated At:26 Feb, 2026 | 17:50
Rejected At:
▼CVE Numbering Authority (CNA)
SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint

A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.

Affected Products
Vendor
SUSESUSE
Product
Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 5.0.27-150600.3.33.1 (custom)
Vendor
SUSESUSE
Product
Image SLES15-SP4-Manager-Server-4-3-BYOS
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 4.3.87-150400.3.110.2 (custom)
Vendor
SUSESUSE
Product
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 4.3.87-150400.3.110.2 (custom)
Vendor
SUSESUSE
Product
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 4.3.87-150400.3.110.2 (custom)
Vendor
SUSESUSE
Product
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 4.3.87-150400.3.110.2 (custom)
Vendor
SUSESUSE
Product
SUSE Manager Server Module 4.3
Package Name
spacewalk-java
Default Status
unaffected
Versions
Affected
  • From ? before 4.3.87-150400.3.110.2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-862CWE-862: Missing Authorization
Type: CWE
CWE ID: CWE-862
Description: CWE-862: Missing Authorization
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Simon Holl (MindBytes)
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:meissner@suse.de
Published At:30 Jul, 2025 | 15:15
Updated At:03 Sep, 2025 | 07:15

A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-862Primarymeissner@suse.de
CWE ID: CWE-862
Type: Primary
Source: meissner@suse.de
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811meissner@suse.de
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46811
Source: meissner@suse.de
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

374Records found

CVE-2019-3681
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.5||HIGH
EPSS-1.42% / 69.92%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 12:00
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
osc: stores downloaded (supposed) RPM in network-controlled filesystem paths

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_software_development_kitlinux_enterprise_serverfactoryoscleapopenSUSE FactorySUSE Linux Enterprise Software Development Kit 12-SP4SUSE Linux Enterprise Software Development Kit 12-SP5openSUSE Leap 15.1SUSE Linux Enterprise Module for Development Tools 15
CWE ID-CWE-73
External Control of File Name or Path
CVE-2019-3689
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-5.1||MEDIUM
EPSS-1.52% / 71.73%
||
7 Day CHG~0.00%
Published-19 Sep, 2019 | 13:27
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nfs-utils: root-owned files stored in insecure /var/lib/nfs directory

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.

Action-Not Available
Vendor-linux-nfsSUSE
Product-linux_enterprise_servernfs-utilsSUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-18906
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-1.11% / 62.28%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 08:35
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
cryptctl: client side password hashing is equivalent to clear text password storage

A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_servermanager_servercryptctlSUSE Manager Server 4.0SUSE Linux Enterprise Server for SAP 12-SP5
CWE ID-CWE-287
Improper Authentication
CVE-2019-18903
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.5||HIGH
EPSS-2.42% / 82.30%
||
7 Day CHG+0.06%
Published-02 Mar, 2020 | 16:45
Updated-17 Sep, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
wicked: Use-after-free when receiving invalid DHCP6 IA_PD option

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverleapFactoryLeap 15.1SUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-416
Use After Free
CVE-2025-23394
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 38.62%
||
7 Day CHG~0.00%
Published-26 May, 2025 | 15:34
Updated-28 May, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
daily-backup.sh script in cyrus-imapd allows escalation from cyrus to root

A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed cyrus-imapd before 3.8.4-2.1.

Action-Not Available
Vendor-SUSE
Product-openSUSE Tumbleweed
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2022-31249
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.5||HIGH
EPSS-3.76% / 88.69%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[RANCHER] OS command injection in Rancher and Fleet

A Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in wrangler of SUSE Rancher allows remote attackers to inject commands in the underlying host via crafted commands passed to Wrangler. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior versions; wrangler version 0.8.4 and prior versions; wrangler version 1.0.0 and prior versions.

Action-Not Available
Vendor-SUSE
Product-wranglerRancher
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43755
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.1||HIGH
EPSS-1.72% / 74.94%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rancher: Non-random authentication token

A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. This issue affects: SUSE Rancher Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

Action-Not Available
Vendor-SUSE
Product-rancherRancher
CWE ID-CWE-331
Insufficient Entropy
CVE-2026-25702
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.3||HIGH
EPSS-0.20% / 10.42%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 07:00
Updated-09 Mar, 2026 | 18:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nftables disabled due to incorrect kernel backport

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

Action-Not Available
Vendor-SUSE
Product-linux_enterprise_serverSUSE Linux Enterprise Server
CWE ID-CWE-284
Improper Access Control
CVE-2019-18902
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.5||HIGH
EPSS-2.42% / 82.30%
||
7 Day CHG+0.06%
Published-02 Mar, 2020 | 16:45
Updated-17 Sep, 2024 | 02:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
wicked: Use-after-free when receiving invalid DHCP6 client options

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverleapFactoryLeap 15.1SUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-416
Use After Free
CVE-2025-8077
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 40.73%
||
7 Day CHG~0.00%
Published-17 Sep, 2025 | 12:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NeuVector admin account has insecure default password

A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.

Action-Not Available
Vendor-SUSE
Product-neuvector
CWE ID-CWE-1393
Use of Default Password
CVE-2025-62877
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.84%
||
7 Day CHG~0.00%
Published-08 Jan, 2026 | 12:29
Updated-08 Jan, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer

Projects using the SUSE Virtualization (Harvester) environment may expose the OS default ssh login password  if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration setup.

Action-Not Available
Vendor-SUSE
Product-harvester
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2021-25315
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-2.33% / 81.65%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 09:55
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
salt-api unauthenticated remote code execution

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.

Action-Not Available
Vendor-saltstackopenSUSESUSE
Product-tumbleweedsuse_linux_enterprise_serversaltTumbleweedSUSE Linux Enterprise Server 15 SP 3
CWE ID-CWE-287
Improper Authentication
CVE-2022-21953
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-7.4||HIGH
EPSS-0.47% / 37.65%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster

A Missing Authorization vulnerability in of SUSE Rancher allows authenticated user to create an unauthorized shell pod and kubectl access in the local cluster This issue affects: SUSE Rancher Rancher versions prior to 2.5.17; Rancher versions prior to 2.6.10; Rancher versions prior to 2.7.1.

Action-Not Available
Vendor-SUSE
Product-rancherRancher
CWE ID-CWE-862
Missing Authorization
CVE-2011-4183
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
CVSS Score-6.5||MEDIUM
EPSS-1.55% / 72.31%
||
7 Day CHG~0.00%
Published-13 Jun, 2018 | 13:00
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
open build service allows anyone to upload rpms

A vulnerability in open build service allows remote attackers to upload arbitrary RPM files. Affected releases are SUSE open build service prior to 2.1.16.

Action-Not Available
Vendor-openSUSESUSE
Product-open_build_serviceopen build service
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-14944
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.34% / 92.85%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 21:48
Updated-04 Aug, 2024 | 13:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser.

Action-Not Available
Vendor-globalradarn/a
Product-bsa_radarn/a
CWE ID-CWE-862
Missing Authorization
CVE-2025-31691
Matching Score-4
Assigner-Drupal.org
ShareView Details
Matching Score-4
Assigner-Drupal.org
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 32.40%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 21:49
Updated-02 Sep, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OAuth2 Server - Moderately critical - Access bypass - SA-CONTRIB-2025-020

Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0.

Action-Not Available
Vendor-oauth2_server_projectThe Drupal Association
Product-oauth2_serverOAuth2 Server
CWE ID-CWE-862
Missing Authorization
CVE-2025-5486
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 35.25%
||
7 Day CHG~0.00%
Published-06 Jun, 2025 | 06:42
Updated-06 Jun, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset

The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUG_handle_settings() function in versions 1.0 to 1.1.0. This makes it possible for unauthenticated attackers to enable debugging and send all emails to an attacker controlled address and then trigger a password reset for an administrator to gain access to an administrator account.

Action-Not Available
Vendor-dr_scythe
Product-WP Email Debug
CWE ID-CWE-862
Missing Authorization
CVE-2020-11514
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.11% / 94.73%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 16:50
Updated-04 Aug, 2024 | 11:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.

Action-Not Available
Vendor-rankmathn/a
Product-seon/a
CWE ID-CWE-862
Missing Authorization
CVE-2020-11967
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.19% / 86.65%
||
7 Day CHG~0.00%
Published-21 Apr, 2020 | 12:08
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”

Action-Not Available
Vendor-evenrouten/a
Product-iqrouter_firmwareiqroutern/a
CWE ID-CWE-862
Missing Authorization
CVE-2023-35040
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.35% / 26.90%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 23:51
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress SendPress Newsletters plugin <= 1.23.11.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6.

Action-Not Available
Vendor-pressifiedSendPresspressified
Product-sendpressSendPress Newsletterssendpress
CWE ID-CWE-862
Missing Authorization
CVE-2020-10257
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.88% / 94.64%
||
7 Day CHG~0.00%
Published-09 Mar, 2020 | 23:41
Updated-04 Aug, 2024 | 10:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter.

Action-Not Available
Vendor-themerexn/a
Product-meals_and_wheels-food_truckplumbing-repair\,_building_\&_construction_wordpress_themepartiso_electioncampaignwellspring_water_filter_systemsyottis-simple_portfoliokargo-freight_transportrosalinda-vegetarian_\&_health_coachcoinpress-cryptocurrency_magazine_\&_blog_wordpress_themefc_united-footballimpacto_patronus_multi-landingrare_radionazareth-churchozeum-museumchainpressbriny-diving_wordpress_themeyolox-startup_magazine_\&_blog_wordpress_themerhodos-creative_corporate_wordpress_themepixefynelson-barbershop_\+_tattoo_salonnetmix-broadband_\&_telecomtacticool-shooting_range_wordpress_themevixus-startup_\/_mobile_applicationrenewal-plastic_surgeon_clinictornadosmystik-esotericskatelyn-gutenberg_wordpress_blog_themeheaven_11-multiskin_property_themealdo-gutenberg_wordpress_blog_themekids_carehelion-agency_\&portfolioprider-pride_festhobo_digital_nomad_blogbuzz_stone-magazine_\&_blogchit_club-board_gamesright_wayespecio-food_gutenberg_themevapestercorredo_sport_eventblabberaddonsrumble-single_fighter_boxer\,_news\,_gym\,_storetediss-soft_play_area\,_cafe_\&_child_care_centerlingvico-language_learning_schooljustitia-multiskin_lawyer_thememodern_housewife-housewife_and_family_blogpiqes-creative_startup_\&_agency_wordpress_themetantum-rent_a_car\,_rent_a_bike\,_rent_a_scooter_multiskin_themegloss_blogskydiving_and_flying_companykratz-digital_agencymaxify-startup_blogdronex-aerial_photography_servicessavejulia_personal_fundraising_campaignbonkozoo_zoosamadhi-buddhistyungen-digital\/marketing_agencybugster-pests_controltopper_theme_and_skinsamuliscientia-public_libraryvihara-ashram\,_buddhistgridironhallelujah-churchn/a
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-10620
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.21% / 65.12%
||
7 Day CHG~0.00%
Published-14 May, 2020 | 20:39
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely.

Action-Not Available
Vendor-opto22n/a
Product-softpac_projectOpto 22 SoftPAC Project
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-862
Missing Authorization
CVE-2025-5304
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 43.98%
||
7 Day CHG~0.00%
Published-28 Jun, 2025 | 05:29
Updated-30 Jun, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PT Project Notebooks 1.0.0 - 1.1.3 - Missing Authorization to Unauthenticated Privilege Escalation via wpnb_pto_new_users_add Function

The PT Project Notebooks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the wpnb_pto_new_users_add() function in versions 1.0.0 through 1.1.3. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

Action-Not Available
Vendor-blafoley
Product-PT Project Notebooks – Take Meeting minutes, create budgets, track task management, and more
CWE ID-CWE-862
Missing Authorization
CVE-2023-6875
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-90.34% / 99.79%
||
7 Day CHG~0.00%
Published-11 Jan, 2024 | 08:33
Updated-08 Apr, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Authorization Bypass via type connect-app API

The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover. CVE-2023-52233 appears to be a duplicate of this issue.

Action-Not Available
Vendor-wpexpertssaadiqbal
Product-post_smtpPost SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-862
Missing Authorization
CVE-2025-52352
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.68%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 00:00
Updated-22 Aug, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to register accounts via APIs even when the feature is disabled. This leads to authentication bypass and unauthorized access to admin portals, violating intended access controls.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-862
Missing Authorization
CVE-2019-25141
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-4.46% / 90.38%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 01:51
Updated-08 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update

The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admin_init() function, in addition to insufficient input validation. This makes it possible for unauthenticated attackers to modify the plugins settings and arbitrary options on the site that can be used to inject new administrative user accounts.

Action-Not Available
Vendor-wp-ecommerceAwesome Motive Inc.
Product-easy_wp_smtpEasy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more
CWE ID-CWE-862
Missing Authorization
CVE-2023-31047
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.38% / 69.04%
||
7 Day CHG~0.00%
Published-07 May, 2023 | 00:00
Updated-29 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise.

Action-Not Available
Vendor-n/aDjangoFedora Project
Product-djangofedoran/a
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-20
Improper Input Validation
CVE-2021-47812
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-1.99% / 78.38%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 23:25
Updated-07 Apr, 2026 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)

GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.

Action-Not Available
Vendor-getgravGetgrav
Product-gravGravCMS
CWE ID-CWE-862
Missing Authorization
CVE-2023-32117
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-7.29% / 93.67%
||
7 Day CHG+0.89%
Published-09 Dec, 2024 | 11:30
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through 1.1.99.

Action-Not Available
Vendor-SoftLabsoftlab
Product-Integrate Google Driveintegrate_google_drive
CWE ID-CWE-862
Missing Authorization
CVE-2019-6580
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-1.67% / 74.16%
||
7 Day CHG~0.00%
Published-12 Jun, 2019 | 13:47
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change device properties without authorization. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-siveillance_video_management_software_2017_r2siveillance_video_management_software_2019_r1siveillance_video_management_software_2018_r2siveillance_video_management_software_2018_r1siveillance_video_management_software_2018_r3Siveillance VMS 2018 R3Siveillance VMS 2018 R1Siveillance VMS 2019 R1Siveillance VMS 2017 R2Siveillance VMS 2018 R2
CWE ID-CWE-862
Missing Authorization
CVE-2023-3076
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-2.17% / 80.24%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 12:40
Updated-12 Nov, 2024 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MStore API < 3.9.9 - Unauthenticated Privilege Escalation

The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features.

Action-Not Available
Vendor-inspireuiUnknown
Product-mstore_apiMStore API
CWE ID-CWE-862
Missing Authorization
CVE-2021-4362
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.42% / 69.80%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 01:51
Updated-28 Dec, 2024 | 00:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_get_option() function called via the kiwi_social_share_get_option AJAX action in version 2.1.0. This makes it possible for unauthenticated attackers to read and modify arbitrary options on a WordPress site that can be used for complete site takeover. This was a previously fixed vulnerability that was reintroduced in this version.

Action-Not Available
Vendor-wpkubewpkube
Product-kiwi_social_shareSocial Sharing Plugin – Kiwi
CWE ID-CWE-862
Missing Authorization
CVE-2023-26035
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.2||HIGH
EPSS-80.46% / 99.58%
||
7 Day CHG~0.00%
Published-25 Feb, 2023 | 01:07
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZoneMinder vulnerable to Missing Authorization

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.

Action-Not Available
Vendor-zoneminderZoneMinder
Product-zoneminderzoneminder
CWE ID-CWE-862
Missing Authorization
CVE-2023-26301
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 46.95%
||
7 Day CHG~0.00%
Published-21 Jul, 2023 | 16:06
Updated-02 Aug, 2024 | 11:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.

Action-Not Available
Vendor-HP Inc.
Product-color_laserjet_pro_4201-4203_4ra87fcolor_laserjet_pro_mfp_4301-4303_4ra83f_firmwarecolor_laserjet_pro_4201-4203_4ra87f_firmwarecolor_laserjet_pro_4201-4203_5hh52a_firmwarecolor_laserjet_pro_4201-4203_4ra89acolor_laserjet_pro_4201-4203_5hh59a_firmwarecolor_laserjet_pro_4201-4203_4ra89a_firmwarecolor_laserjet_pro_4201-4203_4ra88fcolor_laserjet_pro_4201-4203_5hh52acolor_laserjet_pro_mfp_4301-4303_4ra80f_firmwarecolor_laserjet_pro_mfp_4301-4303_4ra84f_firmwarecolor_laserjet_pro_mfp_4301-4303_4ra84fcolor_laserjet_pro_mfp_4301-4303_5hh65acolor_laserjet_pro_4201-4203_5hh53a_firmwarecolor_laserjet_pro_4201-4203_5hh51a_firmwarecolor_laserjet_pro_4201-4203_5hh48a_firmwarecolor_laserjet_pro_mfp_4301-4303_4ra83fcolor_laserjet_pro_mfp_4301-4303_5hh66acolor_laserjet_pro_mfp_4301-4303_5hh72a_firmwarecolor_laserjet_pro_mfp_4301-4303_5hh67a_firmwarecolor_laserjet_pro_4201-4203_4ra88f_firmwarecolor_laserjet_pro_mfp_4301-4303_4ra80fcolor_laserjet_pro_mfp_4301-4303_5hh64f_firmwarecolor_laserjet_pro_mfp_4301-4303_4ra81fcolor_laserjet_pro_mfp_4301-4303_5hh65a_firmwarecolor_laserjet_pro_4201-4203_5hh59acolor_laserjet_pro_4201-4203_5hh51acolor_laserjet_pro_mfp_4301-4303_4ra81f_firmwarecolor_laserjet_pro_4201-4203_5hh53acolor_laserjet_pro_mfp_4301-4303_4ra82f_firmwarecolor_laserjet_pro_mfp_4301-4303_5hh73a_firmwarecolor_laserjet_pro_mfp_4301-4303_5hh66a_firmwarecolor_laserjet_pro_mfp_4301-4303_5hh73acolor_laserjet_pro_mfp_4301-4303_5hh67acolor_laserjet_pro_mfp_4301-4303_4ra82fcolor_laserjet_pro_mfp_4301-4303_5hh72acolor_laserjet_pro_mfp_4301-4303_5hh64fcolor_laserjet_pro_4201-4203_5hh48aHP LaserJet Pro
CWE ID-CWE-862
Missing Authorization
CVE-2023-53923
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.48% / 38.56%
||
7 Day CHG+0.02%
Published-17 Dec, 2025 | 22:44
Updated-07 Apr, 2026 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account Creation

UliCMS 2023.1 contains a privilege escalation vulnerability that allows unauthenticated attackers to create administrative accounts through the UserController endpoint. Attackers can send a crafted POST request to /dist/admin/index.php with specific parameters to generate a new admin user with full system access.

Action-Not Available
Vendor-ulicmsUlicms
Product-ulicmsUlicms
CWE ID-CWE-862
Missing Authorization
CVE-2023-23834
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.64% / 46.69%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 11:31
Updated-28 Apr, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.

Action-Not Available
Vendor-Brainstorm Force
Product-spectraSpectra
CWE ID-CWE-862
Missing Authorization
CVE-2023-22697
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.63% / 46.20%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 14:22
Updated-28 Apr, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Survey Maker plugin <= 3.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0.

Action-Not Available
Vendor-AYS Pro Extensions
Product-survey_makerSurvey Maker
CWE ID-CWE-862
Missing Authorization
CVE-2022-1574
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-11.87% / 95.63%
||
7 Day CHG~0.00%
Published-27 Jun, 2022 | 08:57
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTML2WP <= 1.0.0 - Unauthenticated Arbitrary File Upload

The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server

Action-Not Available
Vendor-html2wp_projectUnknown
Product-html2wpHTML2WP
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2019-25217
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 53.37%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 06:43
Updated-08 Apr, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SiteGround Optimizer <= 5.0.12 - Missing Authorization

The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to Remote Code Execution and Local File Inclusion in versions up to, and including, 5.0.12 due to incorrect use of an access control attribute on the switch_php function called via the /switch-php REST API route. This allows attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

Action-Not Available
Vendor-sitegroundsitegroundsiteground
Product-speed_optimizerSpeed Optimizer – The All-In-One Performance-Boosting Pluginspeed_optimizer
CWE ID-CWE-862
Missing Authorization
CVE-2025-47580
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.24% / 15.43%
||
7 Day CHG~0.00%
Published-15 May, 2025 | 17:07
Updated-28 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Front End Users plugin <= 3.2.35 - Broken Access Control vulnerability

Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through <= 3.2.35.

Action-Not Available
Vendor-etoilewebdesignRustaurius
Product-front_end_usersFront End Users
CWE ID-CWE-862
Missing Authorization
CVE-2023-22701
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.5||HIGH
EPSS-1.01% / 59.19%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 11:31
Updated-28 Apr, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Ebook Store plugin <= 5.775 - Broken Authentication vulnerability

Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775.

Action-Not Available
Vendor-shopfilesShopfiles Ltdshopfiles
Product-ebook_storeEbook Storeebook_store
CWE ID-CWE-862
Missing Authorization
CVE-2025-47688
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.33% / 24.75%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 14:20
Updated-28 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a through <= 5.3.1.

Action-Not Available
Vendor-advancedfilemanagerSaad Iqbal
Product-advanced_file_managerAdvanced File Manager
CWE ID-CWE-862
Missing Authorization
CVE-2019-19899
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.28% / 66.73%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 23:24
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pebble Templates 3.1.2 allows attackers to bypass a protection mechanism (intended to block access to instances of java.lang.Class) because getClass is accessible via the public static java.lang.Class java.lang.Class.forName(java.lang.Module,java.lang.String) signature.

Action-Not Available
Vendor-pebbletemplatesn/a
Product-pebble_templatesn/a
CWE ID-CWE-862
Missing Authorization
CVE-2025-46348
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.57% / 43.36%
||
7 Day CHG~0.00%
Published-29 Apr, 2025 | 20:39
Updated-09 May, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4.

Action-Not Available
Vendor-yeswikiYesWiki
Product-yeswikiyeswiki
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-862
Missing Authorization
CVE-2021-39226
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-99.89% / 99.96%
||
7 Day CHG~0.00%
Published-05 Oct, 2021 | 17:30
Updated-24 Oct, 2025 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-09-15||Apply updates per vendor instructions.
Snapshot authentication bypass in grafana

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.

Action-Not Available
Vendor-Fedora ProjectGrafana Labs
Product-fedoragrafanagrafanaGrafana
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-862
Missing Authorization
CVE-2023-20252
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.06% / 60.87%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:17
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML API. A successful exploit could allow the attacker to generate an authorization token sufficient to gain access to the application.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco SD-WAN vManage
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-287
Improper Authentication
CVE-2025-46557
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.4||HIGH
EPSS-0.50% / 39.47%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 18:27
Updated-03 Sep, 2025 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Any user with view access to the XWiki space can change the authenticator

XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space (by default, anyone) can access the page XWiki.Authentication.Administration and (unless an authenticator is set in xwiki.cfg) switch to another installed authenticator. Note that, by default, there is only one authenticator available (Standard XWiki Authenticator). So, if no authenticator extension was installed, it's not really possible to do anything for an attacker. Also, in most cases, if an SSO authenticator is installed and utilized (like OIDC or LDAP for example), the worst an attacker can do is break authentication by switching back to the standard authenticator (that's because it's impossible to login to a user which does not have a stored password, and that's usually what SSO authenticator produce). This issue has been patched in versions 15.10.14, 16.4.6, and 16.10.0-rc-1.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-862
Missing Authorization
CVE-2025-46247
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.3||MEDIUM
EPSS-0.35% / 27.38%
||
7 Day CHG+0.03%
Published-22 Apr, 2025 | 09:53
Updated-28 Apr, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Appointment Booking Calendar plugin <= 1.3.92 - Broken Access Control Vulnerability

Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Appointment Booking Calendar: from n/a through <= 1.3.92.

Action-Not Available
Vendor-CodePeople
Product-appointment_booking_calendarAppointment Booking Calendar
CWE ID-CWE-862
Missing Authorization
CVE-2021-37270
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.44% / 70.18%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 20:40
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority.

Action-Not Available
Vendor-s-cmsn/a
Product-cms_enterprise_website_construction_systemn/a
CWE ID-CWE-862
Missing Authorization
CVE-2026-8495
Matching Score-4
Assigner-Drupal.org
ShareView Details
Matching Score-4
Assigner-Drupal.org
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 29.15%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 22:29
Updated-27 May, 2026 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Date iCal - Critical - Information disclosure - SA-CONTRIB-2026-037

Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15.

Action-Not Available
Vendor-date_ical_projectThe Drupal Association
Product-date_icalDate iCal
CWE ID-CWE-862
Missing Authorization
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found