Vulnerabilities (CVE)

Filtered by CWE-285
Total 413 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-25949 1 Dell 1 Networking Os10 2024-11-21 N/A 8.8 HIGH
Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an improper authorization vulnerability. A remote authenticated attacker could potentially exploit this vulnerability leading to escalation of privileges.
CVE-2024-25108 1 Pixelfed 1 Pixelfed 2024-11-21 N/A 9.9 CRITICAL
Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This vulnerability affects every version of Pixelfed between v0.10.4 and v0.11.9, inclusive. A proof of concept of this vulnerability exists. This vulnerability affects every local user of a Pixelfed server, and can potentially affect the servers' ability to federate. Some user interaction is required to setup the conditions to be able to exercise the vulnerability, but the attacker could conduct this attack time-delayed manner, where user interaction is not actively required. This vulnerability has been addressed in version 0.11.11. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-25106 1 Openobserve 1 Openobserve 2024-11-21 N/A 9.1 CRITICAL
OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/{org_id}/users/{email_id}" endpoint. This vulnerability allows any authenticated user within an organization to remove any other user from that same organization, irrespective of their respective roles. This includes the ability to remove users with "Admin" and "Root" roles. By enabling any organizational member to unilaterally alter the user base, it opens the door to unauthorized access and can cause considerable disruptions in operations. The core of the vulnerability lies in the `remove_user_from_org` function in the user management system. This function is designed to allow organizational users to remove members from their organization. The function does not check if the user initiating the request has the appropriate administrative privileges to remove a user. Any user who is part of the organization, irrespective of their role, can remove any other user, including those with higher privileges. This vulnerability is categorized as an Authorization issue leading to Unauthorized User Removal. The impact is severe, as it compromises the integrity of user management within organizations. By exploiting this vulnerability, any user within an organization, without the need for administrative privileges, can remove critical users, including "Admins" and "Root" users. This could result in unauthorized system access, administrative lockout, or operational disruptions. Given that user accounts are typically created by "Admins" or "Root" users, this vulnerability can be exploited by any user who has been granted access to an organization, thereby posing a critical risk to the security and operational stability of the application. This issue has been addressed in release version 0.8.0. Users are advised to upgrade.
CVE-2024-23806 1 Hidglobal 4 Iclass Se Reader Configuration Cards, Iclass Se Reader Configuration Cards Firmware, Omnikey Secure Elements Reader Configuration Cards and 1 more 2024-11-21 N/A 5.3 MEDIUM
Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could include credential and device administrator keys.
CVE-2024-21761 1 Fortinet 1 Fortiportal 2024-11-21 N/A 4.3 MEDIUM
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload.
CVE-2024-21402 1 Microsoft 1 365 Apps 2024-11-21 N/A 7.1 HIGH
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2024-21166 1 Oracle 1 Mysql 2024-11-21 N/A 5.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).
CVE-2023-5948 1 Teamamaze 1 Amaze File Utilities 2024-11-21 N/A 5.5 MEDIUM
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.
CVE-2023-5675 2024-11-21 N/A 6.5 MEDIUM
A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either 'quarkus.security.jaxrs.deny-unannotated-endpoints' or 'quarkus.security.jaxrs.default-roles-allowed' properties.
CVE-2023-5654 1 Facebook 1 React-devtools 2024-11-21 N/A 6.5 MEDIUM
The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch(). The URL is not validated or sanitised before it is fetched, thus allowing a malicious web page to arbitrarily fetch URL’s via the victim's browser.
CVE-2023-52139 1 Misskey 1 Misskey 2024-11-21 N/A 9.0 CRITICAL
Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as [kind](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L811) or [secure](https://github.com/misskey-dev/misskey/blob/406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258/packages/backend/src/server/api/endpoints.ts#L805) without the user's permission and perform operations such as reading or adding non-public content. As a result, if the user who authenticated the application is an administrator, confidential information such as object storage secret keys and SMTP server passwords will be leaked, and general users can also create invitation codes without permission and leak non-public user information. This is patched in version [2023.12.1](https://github.com/misskey-dev/misskey/commit/c96bc36fedc804dc840ea791a9355d7df0748e64).
CVE-2023-50363 1 Qnap 2 Qts, Quts Hero 2024-11-21 N/A 7.4 HIGH
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
CVE-2023-47166 2024-11-21 N/A 8.8 HIGH
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability.
CVE-2023-44410 2024-11-21 N/A 8.8 HIGH
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUsers method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. . Was ZDI-CAN-19535.
CVE-2023-42491 1 Busbaer 1 Eisbaer Scada 2024-11-21 N/A 8.8 HIGH
EisBaer Scada - CWE-285: Improper Authorization
CVE-2023-42453 2 Fedoraproject, Matrix 2 Fedora, Synapse 2024-11-21 N/A 3.1 LOW
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room. This issue has been patched in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2023-41819 2024-11-21 N/A 6.1 MEDIUM
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers. 
CVE-2023-41673 1 Fortinet 1 Fortiadc 2024-11-21 N/A 7.1 HIGH
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
CVE-2023-40683 3 Ibm, Linux, Microsoft 3 Openpages With Watson, Linux Kernel, Windows 2024-11-21 N/A 8.8 HIGH
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005.
CVE-2023-3805 1 Four-faith 1 Video Surveillance Management System 2024-11-21 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video Surveillance Management System up to 20230712. This issue affects some unknown processing in the library UserInfoAction.class of the component Login. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235073 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.