ReportizFlow
Filtered by vendor
Subscriptions
Total
4191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1557 | 1 E-commerce System Project | 1 E-commerce System | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the argument USERID leads to improper access controls. The attack may be launched remotely. VDB-223550 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1491 | 1 Maxpcsecure | 1 Anti Virus Plus | 2024-11-21 | 4.4 Medium |
| A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability. | ||||
| CVE-2023-1490 | 1 Maxpcsecure | 1 Anti Virus Plus | 2024-11-21 | 4.4 Medium |
| A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376. | ||||
| CVE-2023-1489 | 1 Wisecleaner | 1 Wise System Monitor | 2024-11-21 | 7.8 High |
| A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is the function 0x9C402088 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223375. | ||||
| CVE-2023-1486 | 1 Wisecleaner | 1 Wise Force Deleter | 2024-11-21 | 4.4 Medium |
| A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223372. | ||||
| CVE-2023-1453 | 1 Watchdog | 1 Anti-virus | 2024-11-21 | 4.4 Medium |
| A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is the function 0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223298 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1432 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-11-21 | 7.3 High |
| A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=save_settings of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be launched remotely. VDB-223214 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1007 | 1 Filseclab | 1 Twister Antivirus | 2024-11-21 | 5.3 Medium |
| A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221740. | ||||
| CVE-2023-0998 | 1 Alphaware Simple E-commerce System Project | 1 Alphaware Simple E-commerce System | 2024-11-21 | 6.5 Medium |
| A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221733 was assigned to this vulnerability. | ||||
| CVE-2023-0916 | 1 Auto Dealer Management System Project | 1 Auto Dealer Management System | 2024-11-21 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /adms/classes/Users.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221491. | ||||
| CVE-2023-0506 | 1 Bydemes | 1 Airspace Cctv Web Service | 2024-11-21 | 8.8 High |
| The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access. | ||||
| CVE-2022-48683 | 1 Apple | 1 Macos | 2024-11-21 | 8.6 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13. An app may be able to break out of its sandbox. | ||||
| CVE-2022-48615 | 1 Huawei | 2 Ar617vw, Ar617vw Firmware | 2024-11-21 | 4.8 Medium |
| An improper access control vulnerability exists in a Huawei datacom product. Attackers can exploit this vulnerability to obtain partial device information. | ||||
| CVE-2022-47558 | 1 Ormazabal | 4 Ekorccp, Ekorccp Firmware, Ekorrci and 1 more | 2024-11-21 | 9.4 Critical |
| Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install rootkits or backdoors. | ||||
| CVE-2022-47036 | 2024-11-21 | 9.8 Critical | ||
| Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has been revealed via a brute force attack on an MD5 hash. It can be used for "debug login" by an admin. NOTE: the vulnerability is not fixed by the 2.1.1 firmware; instead, it is fixed in newer hardware, which would typically be used with firmware 2.1.1 or later. | ||||
| CVE-2022-46025 | 1 Totolink | 2 N200re V5, N200re V5 Firmware | 2024-11-21 | 9.1 Critical |
| Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page. | ||||
| CVE-2022-45929 | 2024-11-21 | 8.8 High | ||
| Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user. | ||||
| CVE-2022-45112 | 1 Intel | 1 Virtual Raid On Cpu | 2024-11-21 | 7.3 High |
| Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41689 | 1 Intel | 1 In-band Manageability | 2024-11-21 | 7.3 High |
| Improper access control in some Intel In-Band Manageability software before version 3.0.14 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41659 | 1 Intel | 1 Unison | 2024-11-21 | 1.9 Low |
| Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | ||||