| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges |
| In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. |
| Missing Authorization vulnerability in Daniel Powney Multi Rating allows Functionality Misuse.This issue affects Multi Rating: from n/a through 5.0.6.
|
| Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65. |
| The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints.
|
| The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint |
| In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json. |
| The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refresh_metabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post. |
| Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications |
| The Nested Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'reset' function in versions up to, and including, 3.2.3. This makes it possible for authenticated attackers, with editor-level permissions and above, to reset plugin settings. |
