| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges |
| Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through 1.0.1. |
| Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from 3.0.0 through 3.3.0. |
| Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25. |
| Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8. |
| Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Incorrect Authorization . An authenticated attacker can exploit this to achieve information exposure and privilege escalation. |
| An improper privilege check in the OTRS ticket move action in the agent interface allows any as agent authenticated attacker to to perform a move of an ticket without the needed permission.
This issue affects OTRS: from 8.0.X before 8.0.35.
|
| A missing permission check in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| A missing permission check in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system. |
| A missing permission check in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. |
| A missing permission check in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. |
| A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. |
| A missing permission check in Jenkins mabl Plugin 0.0.46 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
