CWE-862 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7640 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-43296	1 Bplugins	1 Html5 Video Player	2024-11-13	4.3 Medium
Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flash & HTML5 Video: from n/a through 2.5.30.
CVE-2024-43297	1 Backupbliss	1 Clone	2024-11-13	4.3 Medium
Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5.
CVE-2024-43298	1 Backupbliss	1 Clone	2024-11-13	4.3 Medium
Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5.
CVE-2024-43302	1 Fontsplugin	1 Fonts	2024-11-13	4.3 Medium
Missing Authorization vulnerability in Fonts Plugin Fonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fonts: from n/a through 3.7.7.
CVE-2024-43310	1 Ukrsolution	1 Print Labels With Barcodes	2024-11-13	6.5 Medium
Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through 3.4.9.
CVE-2024-43312	1 Wpclever	1 Wpc Frequently Bought Together For Woocommerce	2024-11-13	5.4 Medium
Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.1.9.
CVE-2024-43929	1 Eyecix	1 Jobsearch Wp Job Board	2024-11-12	6.5 Medium
Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.
CVE-2024-43928	1 Eyecix	1 Jobsearch Wp Job Board	2024-11-12	5.4 Medium
Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.
CVE-2024-47587			2024-11-12	3.5 Low
Cash Operations does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges causing low impact to confidentiality to the application.
CVE-2024-42372	1 Sap	1 Netweaver System Landscape Directory	2024-11-12	6.5 Medium
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confidentiality and integrity of the application.
CVE-2024-43998	1 Websiteinwp	1 Blogpoet	2024-11-08	6.5 Medium
Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3.
CVE-2024-43982	2 Geek Code Lab, Geekcodelab	2 Login As Users, Login As Users	2024-11-08	8.8 High
Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3.
CVE-2024-43981	1 Ayecode	1 Geodirectory	2024-11-08	4.3 Medium
Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.
CVE-2024-43980	1 Cozythemes	1 Fotawp	2024-11-08	6.5 Medium
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
CVE-2024-43979	1 Cozythemes	1 Blockbooster	2024-11-08	6.5 Medium
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
CVE-2024-43974	1 Cozythemes	1 Revivenews	2024-11-08	6.5 Medium
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
CVE-2024-43962	1 Lws	1 Affiliation	2024-11-08	5.4 Medium
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4.
CVE-2024-43956	1 Caseproof	1 Memberpress	2024-11-08	6.5 Medium
Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34.
CVE-2024-43937	1 Themeum	1 Wp Crowdfunding	2024-11-08	6.4 Medium
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10.
CVE-2024-49367	1 Nginxui	1 Nginx Ui	2024-11-07	7.5 High
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/configs` to read directories and file contents on the server. Version 2.0.0-beta.36 fixes the issue.

« first previous Page 376 of 382. next last »