Search Results (11817 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-48547 1 Dreamcatcher Iot Technology 1 Dreamcatcher Life Firmware 2026-04-15 8.4 High
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48546 1 Shenzhen Yingsheng Technology Co 1 Wear Sync Firmware 2026-04-15 8.4 High
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48545 1 Ivyiot 1 Ivy Smart Firmware 2026-04-15 8.4 High
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48542 1 Yamaha 1 Headphones Controller Firmware 2026-04-15 8.4 High
Incorrect access control in the firmware update and download processes of Yamaha Headphones Controller v1.6.7 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48541 1 Ruochan 1 Smart Firmware 2026-04-15 8.4 High
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48538 1 Netdvr 1 Neye3c 2026-04-15 9.8 Critical
Incorrect access control in the firmware update and download processes of Neye3C v4.5.2.0 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-48540 1 Shenzhen Xiaohe Lejia Technology Co 1 Xiaohesmart Firmware 2026-04-15 6.2 Medium
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information by analyzing the code and data within the APK file.
CVE-2024-47587 2026-04-15 3.5 Low
Cash Operations does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges causing low impact to confidentiality to the application.
CVE-2024-47581 2026-04-15 4.3 Medium
SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low impact on integrity of the application. Confidentiality and availibility are not impacted.
CVE-2024-45877 2026-04-15 6.5 Medium
baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all modules in the web portal, view and manipulate information and permissions of other users, lock other user or unlock the own account, change the password of other users, create new users or delete existing users and view, manipulate and delete reference data.
CVE-2024-45286 2026-04-15 6.5 Medium
Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disclosure of highly sensitive data. There is no impact on integrity or availability.
CVE-2024-45285 2026-04-15 5.4 Medium
The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. By sending a crafted packet in the function module targeting specific parameters, the specific targeted user will no longer have access to any functionality of SAP GUI. There is low impact on integrity and availability of the application.
CVE-2024-45284 2026-04-15 2.4 Low
An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. This may result in an escalation of privileges causing low impact on integrity of the application.
CVE-2025-15516 2 Plugins360, Wordpress 2 All-in-one Video Gallery, Wordpress 2026-04-15 4.3 Medium
The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_callback_store_user_meta() function in versions 4.1.0 to 4.6.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary string-based user meta keys for their own account.
CVE-2024-45160 1 Lemonldap-ng 1 Lemonldap-ng 2026-04-15 9.1 Critical
Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty client_password parameter (client secret).
CVE-2021-26387 2026-04-15 3.9 Low
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity.
CVE-2024-4447 2026-04-15 9.9 Critical
In the System → Maintenance tool, the Logged Users tab surfaces sessionId data for all users via the Direct Web Remoting API (UserSessionAjax.getSessionList.dwr) calls. While this is information that would and should be available to admins who possess "Sign In As" powers, admins who otherwise lack this privilege would still be able to utilize the session IDs to imitate other users. While this is a very small attack vector that requires very high permissions to execute, its danger lies principally in obfuscating attribution; all Sign In As operations are attributed appropriately in the log files, and a malicious administrator could use this information to render their dealings untraceable — including those admins who have not been granted this ability — such as by using a session ID to generate an API token. Fixed in: 24.07.12 / 23.01.20 LTS / 23.10.24v13 LTS / 24.04.24v5 LTS This was the original found by researcher Zakaria Agharghar. 2. Later, on October 20, 2025, another researcher (Chris O’Neill) found additional affected DWR Endpoints that are vulnerable to Information Disclosure, namely and in addition to the original found of "UserSessionAjax.getSessionList.dwr - Session ID exposure": * UserAjax.getUsersList.dwr - Enumerate all users with IDs, names, emails * RoleAjax.getUserRole.dwr - Get user role information * RoleAjax.getRole.dwr - Get role details * RoleAjax.getRolePermissions.dwr - View role permissions * RoleAjax.isPermissionableInheriting.dwr - Check permission inheritance * RoleAjax.getCurrentCascadePermissionsJobs.dwr - View permission cascade jobs * ThreadMonitorTool.getThreads.dwr - Monitor system threads; and, * CRITICAL - Privilege Escalation: RoleAjax.saveRolePermission.dwr - Modify role permissions Overall CVSS for the above findings: * CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L * Score: 9.1 (Critical)
CVE-2023-29174 2026-04-15 6.5 Medium
Missing Authorization vulnerability in NervyThemes SKU Label Changer For WooCommerce.This issue affects SKU Label Changer For WooCommerce: from n/a through 3.0.
CVE-2025-15400 2 Openpix, Wordpress 2 Pix Para Woocommerce, Wordpress 2026-04-15 6.5 Medium
The OpenPix for WooCommerce WordPress plugin through 2.13.3 allows any authenticated user to trigger AJAX actions that reset payment gateway configuration options without capability or nonce checks. This permits any authenticated users, such as subscribers to clear API credentials and webhook status, causing persistent disruption of OpenPix payment functionality.
CVE-2023-28492 2026-04-15 4.3 Medium
Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse.This issue affects CP Multi View Event Calendar: from n/a through 1.4.10.