CWE-264 CVEs and Security Vulnerabilities

Filtered by CWE-264

Search

Switch to Advanced Search (Beta)

Total 5477 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-41978	1 Zohocorp	1 Zoho Crm Lead Magnet	2025-02-20	8.8 High
Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.
CVE-2022-38461	1 Wpml	1 Wpml	2025-02-20	5.4 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings (selected language for legacy widgets, the default behavior for media content).
CVE-2022-45066	1 Thriveweb	1 Wooswipe Woocommerce Gallery	2025-02-20	5.4 Medium
Auth. (subscriber+) Broken Access Control vulnerability in WooSwipe WooCommerce Gallery plugin <= 2.0.1 on WordPress.
CVE-2022-45069	1 Automattic	1 Crowdsignal Dashboard	2025-02-20	6.3 Medium
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
CVE-2022-38974	1 Wpml	1 Wpml	2025-02-20	4.3 Medium
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.
CVE-2022-41781	1 Permalink Manager Lite Project	1 Permalink Manager Lite	2025-02-20	6.5 Medium
Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.
CVE-2022-42461	1 Miniorange	1 Google Authenticator	2025-02-20	5.4 Medium
Broken Access Control vulnerability in miniOrange's Google Authenticator plugin <= 5.6.1 on WordPress.
CVE-2022-41839	1 Wpbrigade	1 Loginpress	2025-02-20	5.3 Medium
Broken Access Control vulnerability in WordPress LoginPress plugin <= 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings.
CVE-2022-45369	1 Richplugins	1 Plugin For Google Reviews	2025-02-20	4.3 Medium
Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.
CVE-2022-42459	1 Oxilab	1 Image Hover Effects Ultimate	2025-02-20	7.2 High
Auth. WordPress Options Change vulnerability in Image Hover Effects Ultimate plugin <= 9.7.1 on WordPress.
CVE-2020-13922	1 Apache	1 Dolphinscheduler	2025-02-13	6.5 Medium
Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface.
CVE-2024-22452	1 Dell	1 Display And Peripheral Manager	2025-01-31	7.3 High
Dell Display and Peripheral Manager for macOS prior to 1.3 contains an improper access control vulnerability. A low privilege user could potentially exploit this vulnerability by modifying files in the installation folder to execute arbitrary code, leading to privilege escalation.
CVE-2024-56444	1 Huawei	1 Harmonyos	2025-01-13	7.5 High
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56440	1 Huawei	2 Emui, Harmonyos	2025-01-13	6.2 Medium
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2022-36246	1 Shopbeat	1 Shop Beat Media Player	2025-01-13	9.8 Critical
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.
CVE-2023-52955	1 Huawei	2 Emui, Harmonyos	2025-01-13	6.5 Medium
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54104	1 Huawei	1 Harmonyos	2024-12-12	6.2 Medium
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-32996	1 Huawei	2 Emui, Harmonyos	2024-12-09	6.2 Medium
Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52721	1 Huawei	1 Harmonyos	2024-12-09	6.2 Medium
The WindowManager module has a vulnerability in permission control. Impact: Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-1548	1 Mattermost	1 Playbooks	2024-12-06	3.7 Low
Mattermost Playbooks plugin 1.25 and earlier fails to properly restrict user-level permissions, which allows playbook members to escalate their membership privileges and perform actions restricted to playbook admins.

« first previous Page 259 of 274. next last »