Vulnerabilities > Improper Access Control
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2024-0414 | Improper Access Control vulnerability in Csdeshang Dscms 7.0/7.1 A vulnerability classified as problematic has been found in DeShang DSCMS up to 3.1.2/7.1. | 9.8 |
| 2024-01-11 | CVE-2024-21666 | Improper Access Control vulnerability in Pimcore Customer Management Framework The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management, segmentation, personalization and marketing automation. | 6.5 |
| 2024-01-11 | CVE-2024-21667 | Improper Access Control vulnerability in Pimcore Customer Management Framework pimcore/customer-data-framework is the Customer Management Framework for management of customer data within Pimcore. | 6.5 |
| 2024-01-10 | CVE-2023-46712 | Improper Access Control vulnerability in Fortinet Fortiportal A improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacker to escalate its privilege via specifically crafted HTTP requests. | 8.8 |
| 2024-01-10 | CVE-2024-0356 | Improper Access Control vulnerability in Mandelo SSM Shiro Blog 1.0 A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. | 7.5 |
| 2024-01-10 | CVE-2024-0358 | Improper Access Control vulnerability in Csdeshang Dso2O 4.1.0 A vulnerability was found in DeShang DSO2O up to 4.1.0. | 7.5 |
| 2024-01-09 | CVE-2023-7223 | Improper Access Control vulnerability in Totolink T6 Firmware 4.1.9Cu.5241B20210923 A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. | 6.5 |
| 2023-12-22 | CVE-2023-50928 | Improper Access Control vulnerability in Amazon Awslabs Sandbox Accounts for Events "Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. | 9.0 |
| 2023-12-22 | CVE-2023-49791 | Improper Access Control vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 5.4 |
| 2023-12-21 | CVE-2023-50783 | Improper Access Control vulnerability in Apache Airflow Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification. Users are recommended to upgrade to 2.8.0, which fixes this issue | 6.5 |