An improper access check allows unauthorized access to webservice endpoints.
An improper access check allows unauthorized access to com_config webservice endpoints.
An improper access check allows privelege escalation through the com_users group editing webservice endpoint.
A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including u
A
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could
cause manipulation of SOAP API calls and XML external entities injection resulting in unauthoriz
Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
CWE-284: Improper Access Control
Incorrect access control in the share-based read endpoints of Sismics Docs (Teedy) v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request.
Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations.
Incorrect access control in the REST API endpoint of HubSpot v1.29441 allows unauthenticated attackers to view users' data without proper authorization.
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in fu
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
A specific administrative endpoint notifications is accessible without proper authentication.
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiali
Incorrect Access Control in Cfx.re FXServer v9601 and earlier allows unauthenticated users to modify and read arbitrary user data via exposed API endpoint
Page 1+ Next →