Improper access control of endpoint in HCL Leap
allows certain admin users to import applications from the
server's filesystem.
Improper access control of endpoint in HCL Domino Leap
allows certain admin users to import applications from the
server's filesystem.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Missing "no cache" headers in HCL Leap permits user directory information to be cached.
Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.
HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
CWE-284: Improper Access Control
Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users to view unauthorized information on certain web pages.
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system use
An error when handling authorization related to the import / export interfaces on the RISC Platform prior to the saas-2021-12-29 release can potentially be exploited to access the import / export func
Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request.
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend.
A security vulnerability in HCL Compass can allow attacker to gain unauthorized database access.
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with Administrator privileges.
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
Page 1+ Next →