Official Document Management System developed by 2100 Technology has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to modify front-end code to read all official docu
Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtain any user's connection token and use it
The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote attackers with regular privileges to access the account sett
The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens,
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.
Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords.
A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due to insufficient access control.
The API used to interact with documents in the application contains a flaw that allows an authenticated attacker to read the contents of files on the underlying operating system. An account with ‘read
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.
The API used to interact with documents in the application contains two endpoints with a flaw that allows an authenticated attacker to write a file with controlled contents to an arbitrary location on
Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.
A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview En
The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method.
A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the fil
Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users.
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating pr
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could
A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper
Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a de
Page 1+ Next →