Export limit exceeded: 10485 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10485 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34691 | 1 Sap | 1 S\/4 Hana | 2024-11-21 | 6.5 Medium |
| Manage Incoming Payment Files (F1680) of SAP S/4HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. As a result, it has high impact on integrity and no impact on the confidentiality and availability of the system. | ||||
| CVE-2024-34690 | 1 Sap | 1 Student Life Cycle Management | 2024-11-21 | 5.4 Medium |
| SAP Student Life Cycle Management (SLcM) fails to conduct proper authorization checks for authenticated users, leading to the potential escalation of privileges. On successful exploitation it could allow an attacker to access and edit non-sensitive report variants that are typically restricted, causing minimal impact on the confidentiality and integrity of the application. | ||||
| CVE-2024-34444 | 1 Themepunch | 1 Slider Revolution | 2024-11-21 | 7.1 High |
| Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before 6.7.0. | ||||
| CVE-2024-34130 | 1 Adobe | 1 Acrobat Reader | 2024-11-21 | 5.5 Medium |
| Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could exploit this vulnerability to access confidential information. Exploitation of this issue does not require user interaction. | ||||
| CVE-2024-34106 | 1 Adobe | 3 Commerce, Commerce Webhooks, Magento | 2024-11-21 | 5.3 Medium |
| Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction. | ||||
| CVE-2024-33586 | 2024-11-21 | 5.3 Medium | ||
| Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20. | ||||
| CVE-2024-33564 | 1 8theme | 1 Xstore | 2024-11-21 | 8.8 High |
| Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8. | ||||
| CVE-2024-33563 | 1 8theme | 1 Xstore | 2024-11-21 | 7.6 High |
| Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8. | ||||
| CVE-2024-33561 | 1 8theme | 1 Xstore | 2024-11-21 | 7.5 High |
| Missing Authorization vulnerability in 8theme XStore.This issue affects XStore: from n/a through 9.3.8. | ||||
| CVE-2024-33555 | 1 8theme | 1 Xstore Core | 2024-11-21 | 8.1 High |
| Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. | ||||
| CVE-2024-33547 | 1 Aa-team | 1 Wzone | 2024-11-21 | 8.3 High |
| Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. | ||||
| CVE-2024-33545 | 1 Aa-team | 1 Wzone | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. | ||||
| CVE-2024-33543 | 1 Codepeople | 1 Wp Time Slots Booking Form | 2024-11-21 | 7.5 High |
| Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06. | ||||
| CVE-2024-32713 | 1 Autowriter | 1 Ai Post Generator \| Autowriter | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in AutoWriter AI Post Generator | AutoWriter.This issue affects AI Post Generator | AutoWriter: from n/a through 3.3. | ||||
| CVE-2024-32144 | 1 Welcart | 1 Welcart E-commerce | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in Welcart Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.14. | ||||
| CVE-2024-32081 | 1 Websupporter Filter Custom Fields \& Taxonomies Light Project | 1 Websupporter Filter Custom Fields \& Taxonomies Light | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Websupporter Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05. | ||||
| CVE-2024-31970 | 1 Adtran | 3 834-5, 834-5 Firmware, Sdg Smartos | 2024-11-21 | 7.2 High |
| AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with root-level privileges. An attacker can exploit this window to gain unauthorized root access by either modifying the existing admin account or creating a new account with equivalent privileges. This vulnerability allows attackers to execute arbitrary commands. NOTE: The vendor has disputed this, finding the report not applicable. According to AdTran, SSH has never been accessible (from WAN) on SmartOS official builds. Furthermore, the vendor adds that test build 11.1.0.101-202106231430 was never released to end users. | ||||
| CVE-2024-31423 | 2 Alex Volkov, Volkov | 2 Wp Accessibility Helper, Wp Accessibility Helper | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Alex Volkov WP Accessibility Helper (WAH).This issue affects WP Accessibility Helper (WAH): from n/a through 0.6.2.5. | ||||
| CVE-2024-31352 | 1 Icegram | 1 Email Subscribers \& Newsletters | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in Email Subscribers & Newsletters.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.13. | ||||
| CVE-2024-31350 | 1 Strategy11 | 1 Awp Classifieds | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1. | ||||