Export limit exceeded: 11862 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11862 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-0641 | 1 Google | 1 Android | 2026-02-25 | 5.5 Medium |
| In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185235454 | ||||
| CVE-2024-47183 | 2 Parse Community, Parseplatform | 2 Parse Server, Parse-server | 2026-02-25 | 8.1 High |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to create a new user can set a custom object ID for that new user that exploits the vulnerability and acquires privileges of a specific role. This vulnerability is fixed in 6.5.9 and 7.3.0. | ||||
| CVE-2023-33071 | 1 Qualcomm | 26 Qca6574, Qca6574 Firmware, Qca6574a and 23 more | 2026-02-25 | 8.4 High |
| Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | ||||
| CVE-2022-31595 | 1 Sap | 1 Adaptive Server Enterprise | 2026-02-25 | 8.8 High |
| SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | ||||
| CVE-2022-2732 | 1 Open-emr | 1 Openemr | 2026-02-25 | 8.3 High |
| Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1. | ||||
| CVE-2021-26040 | 1 Joomla | 1 Joomla\! | 2026-02-25 | 9.1 Critical |
| An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command. | ||||
| CVE-2021-23123 | 1 Joomla | 1 Joomla\! | 2026-02-25 | 5.3 Medium |
| An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules. | ||||
| CVE-2021-26027 | 1 Joomla | 1 Joomla\! | 2026-02-25 | 5.3 Medium |
| An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article. | ||||
| CVE-2022-1223 | 1 Phpipam | 1 Phpipam | 2026-02-24 | 6.5 Medium |
| Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. | ||||
| CVE-2022-0762 | 1 Microweber | 1 Microweber | 2026-02-24 | 5.5 Medium |
| Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. | ||||
| CVE-2022-0611 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.3 Medium |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11. | ||||
| CVE-2022-0588 | 1 Librenms | 1 Librenms | 2026-02-24 | 7.1 High |
| Missing Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
| CVE-2022-0580 | 1 Librenms | 1 Librenms | 2026-02-24 | 7.1 High |
| Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
| CVE-2022-0579 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.5 Medium |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9. | ||||
| CVE-2022-0178 | 1 Snipeitapp | 1 Snipe-it | 2026-02-24 | 6.3 Medium |
| Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8. | ||||
| CVE-2025-11581 | 1 Powerjob | 1 Powerjob | 2026-02-24 | 5.3 Medium |
| A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-11580 | 1 Powerjob | 1 Powerjob | 2026-02-24 | 5.3 Medium |
| A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-15390 | 1 Phpgurukul | 1 Small Crm | 2026-02-24 | 6.3 Medium |
| A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2025-12925 | 1 Rymcu | 1 Forest | 2026-02-24 | 7.3 High |
| A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. | ||||
| CVE-2025-12924 | 1 Rymcu | 1 Forest | 2026-02-24 | 4.3 Medium |
| A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated remotely. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. | ||||