VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Access Control
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-25
CVE-2024-13693
The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.9.
network
low complexity
CWE-284
5.3
5.3
2025-02-24
CVE-2025-1606
A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0.
network
low complexity
CWE-284
4.3
4.3
2025-02-23
CVE-2025-1595
A vulnerability has been found in Anhui Xufan Information Technology EasyCVR up to 2.7.0 and classified as problematic.
network
low complexity
CWE-284
5.3
5.3
2025-02-19
CVE-2025-20153
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.
network
low complexity
CWE-284
5.8
5.8
2025-02-19
CVE-2024-13854
The Education Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.1 via the naedu_elementor_template shortcode due to missing validation on a user controlled key.
network
low complexity
CWE-284
4.3
4.3
2025-02-17
CVE-2025-1391
A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern.
network
low complexity
CWE-284
5.4
5.4
2025-02-11
CVE-2025-21337
Windows NTFS Elevation of Privilege Vulnerability
local
low complexity
CWE-284
3.3
3.3
2025-02-11
CVE-2025-21359
Windows Kernel Security Feature Bypass Vulnerability
local
low complexity
CWE-284
7.8
7.8
2025-02-11
CVE-2025-24042
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
local
low complexity
CWE-284
7.3
7.3
2025-02-11
CVE-2025-24411
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
CWE-284
8.1
8.1
«
1
(current)
2
3
4
5
...
79
80
»
Next