Vulnerabilities > Improper Access Control

DATE CVE VULNERABILITY TITLE RISK
2022-01-11 CVE-2022-0170 peertube is vulnerable to Improper Access Control
network
low complexity
CWE-284
4.0
2022-01-10 CVE-2022-0133 Improper Access Control vulnerability in Framasoft Peertube
peertube is vulnerable to Improper Access Control
network
low complexity
framasoft CWE-284
5.0
2021-12-17 CVE-2021-36779 Improper Access Control vulnerability in Linuxfoundation Longhorn
A Improper Access Control vulnerability inf SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication.
low complexity
linuxfoundation CWE-284
8.3
2021-12-17 CVE-2021-36780 Improper Access Control vulnerability in Linuxfoundation Longhorn
A Improper Access Control vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to.
low complexity
linuxfoundation CWE-284
4.8
2021-12-15 CVE-2021-4119 Improper Access Control vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Access Control
network
low complexity
bookstackapp CWE-284
7.5
2021-12-13 CVE-2021-24845 Improper Access Control vulnerability in Improved Include Page Project Improved Include Page 1.2
The Improved Include Page WordPress plugin through 1.2 allows passing shortcode attributes with post_type & post_status which can be used to retrieve arbitrary content.
network
low complexity
improved-include-page-project CWE-284
4.0
2021-12-13 CVE-2021-24859 Improper Access Control vulnerability in User Meta Shortcodes Project User Meta Shortcodes
The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a parameter.
network
low complexity
user-meta-shortcodes-project CWE-284
4.0
2021-12-01 CVE-2020-10627 Improper Access Control vulnerability in Omnipod Insulin Management System Firmware
Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device.
low complexity
omnipod CWE-284
4.8
2021-11-23 CVE-2021-43019 Improper Access Control vulnerability in Adobe Creative Cloud Desktop Application
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service.
network
adobe CWE-284
critical
9.3
2021-11-19 CVE-2021-26262 Improper Access Control vulnerability in Philips MRI 1.5T Firmware and MRI 3T Firmware
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
network
low complexity
philips CWE-284
5.0