Vulnerabilities > Insufficient Granularity of Access Control

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-6867 Insufficient Granularity of Access Control vulnerability in Lunary 1.4.9
An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint.
network
low complexity
lunary CWE-1220
6.5
2023-08-11 CVE-2023-39418 Insufficient Granularity of Access Control vulnerability in multiple products
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT.
network
low complexity
postgresql redhat debian CWE-1220
4.3