Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-863 Clear
ID Title
CVE-2024-57969 app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.
app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.
CVE-2025-24200 KEV [KEV] Authorization Flaw in Apple ios-and-ipados (CVE-2025-24200)
vulnerability in Apple ios-and-ipados (CVE-2025-24200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-37775 Authorization Flaw in sunbirddcim (CVE-2024-37775)
vulnerability in sunbirddcim (CVE-2024-37775). Data can be tampered with by attackers.
CVE-2024-21287 KEV [KEV] Authorization Flaw in Oracle agile-product-lifecycle-management-plm (CVE-2024-21287)
vulnerability in Oracle agile-product-lifecycle-management-plm (CVE-2024-21287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-44765 Authorization Flaw in CVE-2024-44765 (CVE-2024-44765)
vulnerability in CVE-2024-44765 (CVE-2024-44765). Confidential information can be exposed externally.
CVE-2024-48544 Authorization Flaw in CVE-2024-48544 (CVE-2024-48544)
vulnerability in CVE-2024-48544 (CVE-2024-48544). Successful exploitation can lead to full system takeover.
CVE-2024-21262 Authorization Flaw in c (CVE-2024-21262)
vulnerability in c (CVE-2024-21262). Risk of unauthorized operations or information disclosure.
CVE-2024-48772 Authorization Flaw in c (CVE-2024-48772)
vulnerability in c (CVE-2024-48772). Confidential information can be exposed externally.
CVE-2024-48778 Authorization Flaw in CVE-2024-48778 (CVE-2024-48778)
vulnerability in CVE-2024-48778 (CVE-2024-48778). Confidential information can be exposed externally.
CVE-2024-48784 Authorization Flaw in CVE-2024-48784 (CVE-2024-48784)
vulnerability in CVE-2024-48784 (CVE-2024-48784). Successful exploitation can lead to full system takeover.
CVE-2024-48786 Authorization Flaw in CVE-2024-48786 (CVE-2024-48786)
vulnerability in CVE-2024-48786 (CVE-2024-48786). Confidential information can be exposed externally.
CVE-2024-48787 Authorization Flaw in CVE-2024-48787 (CVE-2024-48787)
vulnerability in CVE-2024-48787 (CVE-2024-48787). Confidential information can be exposed externally.
CVE-2024-48769 Authorization Flaw in CVE-2024-48769 (CVE-2024-48769)
vulnerability in CVE-2024-48769 (CVE-2024-48769). Confidential information can be exposed externally.
CVE-2024-7108 Authorization Flaw in nationalkeep (CVE-2024-7108)
vulnerability in nationalkeep (CVE-2024-7108). Successful exploitation can lead to full system takeover.
CVE-2024-46918 Authorization Flaw in misp-project (CVE-2024-46918)
vulnerability in misp-project (CVE-2024-46918). Confidential information can be exposed externally.
CVE-2024-44667 Authorization Flaw in CVE-2024-44667 (CVE-2024-44667)
vulnerability in CVE-2024-44667 (CVE-2024-44667). Successful exploitation can lead to full system takeover.
CVE-2024-45509 Authorization Flaw in misp-project (CVE-2024-45509)
vulnerability in misp-project (CVE-2024-45509). Confidential information can be exposed externally.
CVE-2024-38856 KEV [KEV] Authorization Flaw in Apache ofbiz (CVE-2024-38856)
vulnerability in Apache ofbiz (CVE-2024-38856). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-38884 Authorization Flaw in horizoncloud (CVE-2024-38884)
vulnerability in horizoncloud (CVE-2024-38884). Successful exploitation can lead to full system takeover.
CVE-2024-23669 Vulnerability in fortinet (CVE-2024-23669)
vulnerability in fortinet (CVE-2024-23669). Confidential information can be exposed externally.
CVE-2021-40655 KEV [KEV] Authorization Flaw in D-link dir-605-router (CVE-2021-40655)
vulnerability in D-link dir-605-router (CVE-2021-40655). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-47320 Authorization Flaw in silverpeas (CVE-2023-47320)
vulnerability in silverpeas (CVE-2023-47320). Data can be tampered with by attackers.
CVE-2023-22518 KEV [KEV] Authorization Flaw in Atlassian confluence-data-center-and-server (CVE-2023-22518)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-38035 KEV [KEV] Authorization Flaw in Ivanti sentry (CVE-2023-38035)
vulnerability in Ivanti sentry (CVE-2023-38035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33468 Authorization Flaw in kramerav (CVE-2023-33468)
vulnerability in kramerav (CVE-2023-33468). Confidential information can be exposed externally.
CVE-2023-38958 Authorization Flaw in zkteco (CVE-2023-38958)
vulnerability in zkteco (CVE-2023-38958). Risk of unauthorized operations or information disclosure.
CVE-2023-33779 Authorization Flaw in privilege-escalation (CVE-2023-33779)
vulnerability in privilege-escalation (CVE-2023-33779). Successful exploitation can lead to full system takeover.
CVE-2023-26818 Authorization Flaw in telegram (CVE-2023-26818)
vulnerability in telegram (CVE-2023-26818). Confidential information can be exposed externally.
CVE-2023-23445 Vulnerability in sick (CVE-2023-23445)
vulnerability in sick (CVE-2023-23445). Confidential information can be exposed externally.
CVE-2023-23446 Vulnerability in sick (CVE-2023-23446)
vulnerability in sick (CVE-2023-23446). Confidential information can be exposed externally.
CVE-2023-29818 Authorization Flaw in webroot (CVE-2023-29818)
vulnerability in webroot (CVE-2023-29818). Data can be tampered with by attackers.
CVE-2023-29819 Privilege Escalation in webroot (CVE-2023-29819)
vulnerability in webroot (CVE-2023-29819). Confidential information can be exposed externally.
CVE-2021-3560 KEV [KEV] Authorization Flaw in Red hat red-hat (CVE-2021-3560)
vulnerability in Red hat red-hat (CVE-2021-3560). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-26244 Privilege Escalation in hyundai (CVE-2023-26244)
vulnerability in hyundai (CVE-2023-26244). Successful exploitation can lead to full system takeover.
CVE-2023-26245 Privilege Escalation in hyundai (CVE-2023-26245)
vulnerability in hyundai (CVE-2023-26245). Successful exploitation can lead to full system takeover.
CVE-2023-26246 Privilege Escalation in hyundai (CVE-2023-26246)
vulnerability in hyundai (CVE-2023-26246). Successful exploitation can lead to full system takeover.
CVE-2023-24880 KEV [KEV] Authorization Flaw in Microsoft windows (CVE-2023-24880)
vulnerability in Microsoft windows (CVE-2023-24880). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-21715 KEV [KEV] Authorization Flaw in Microsoft office (CVE-2023-21715)
vulnerability in Microsoft office (CVE-2023-21715). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41091 KEV [KEV] Authorization Flaw in Microsoft windows (CVE-2022-41091)
vulnerability in Microsoft windows (CVE-2022-41091). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-42724 Information Disclosure in misp-project (CVE-2022-42724)
vulnerability in misp-project (CVE-2022-42724). Risk of unauthorized operations or information disclosure.
CVE-2022-36634 Authorization Flaw in zkteco (CVE-2022-36634)
vulnerability in zkteco (CVE-2022-36634). Successful exploitation can lead to full system takeover.
CVE-2021-30533 KEV [KEV] Authorization Flaw in Google chromium-popupblocker (CVE-2021-30533)
vulnerability in Google chromium-popupblocker (CVE-2021-30533). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-7192 KEV [KEV] Authorization Flaw in Qnap photo-station (CVE-2019-7192)
vulnerability in Qnap photo-station (CVE-2019-7192). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-28936 Authorization Flaw in acexy (CVE-2021-28936)
vulnerability in acexy (CVE-2021-28936). Data can be tampered with by attackers.
CVE-2018-8044 Privilege Escalation in k7computing (CVE-2018-8044)
vulnerability in k7computing (CVE-2018-8044). Successful exploitation can lead to full system takeover.
CVE-2018-8724 Privilege Escalation in k7computing (CVE-2018-8724)
vulnerability in k7computing (CVE-2018-8724). Successful exploitation can lead to full system takeover.
CVE-2021-39904 Authorization Flaw in gitlab (CVE-2021-39904)
vulnerability in gitlab (CVE-2021-39904). Risk of unauthorized operations or information disclosure.
CVE-2021-22986 KEV [KEV] Authorization Flaw in F5 big-ip-and-big-iq-centralized-management (CVE-2021-22986)
vulnerability in F5 big-ip-and-big-iq-centralized-management (CVE-2021-22986). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-40639 Vulnerability in jflyfox (CVE-2021-40639)
vulnerability in jflyfox (CVE-2021-40639). Confidential information can be exposed externally.
CVE-2017-17067 Authorization Flaw in splunk (CVE-2017-17067)
vulnerability in splunk (CVE-2017-17067). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →