CWE-862 CVEs and Security Vulnerabilities

Filtered by CWE-862

Search

Switch to Advanced Search (Beta)

Total 7641 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-21091	1 Google	1 Android	2025-02-05	5.5 Medium
In canDisplayLocalUi of AppLocalePickerActivity.java, there is a possible way to change system app locales due to a missing permission check. This could lead to local denial of service across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257954050
CVE-2023-20909	1 Google	1 Android	2025-02-05	5.5 Medium
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243130512
CVE-2023-21094	1 Google	1 Android	2025-02-05	7.8 High
In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-248031255
CVE-2023-51479	1 Buildapp	1 Build App Online	2025-02-05	8.8 High
Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
CVE-2023-39922	1 Theme-fusion	1 Avada	2025-02-05	4.3 Medium
Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.
CVE-2024-32799	1 Realestateconnected	1 Easy Property Listings	2025-02-05	5.3 Medium
Missing Authorization vulnerability in Merv Barrett Easy Property Listings.This issue affects Easy Property Listings: from n/a through 3.5.3.
CVE-2023-45101	1 Cusrev	1 Customer Reviews For Woocommerce	2025-02-05	4.3 Medium
Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customer Reviews for WooCommerce: from n/a through 5.36.0.
CVE-2023-51692	1 Cusrev	1 Customer Reviews For Woocommerce	2025-02-05	4.3 Medium
Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce.This issue affects Customer Reviews for WooCommerce: from n/a through 5.38.1.
CVE-2022-45806	1 Strategy11	1 Formidable Forms	2025-02-05	4.3 Medium
Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formidable Forms: from n/a through 5.5.4.
CVE-2023-47188	1 Presstigers	1 Simple Job Board	2025-02-05	5.3 Medium
Missing Authorization vulnerability in PressTigers Simple Job Board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Job Board: from n/a through 2.10.5.
CVE-2023-40003	1 Wedevs	1 Wp Project Manager	2025-02-05	6.5 Medium
Missing Authorization vulnerability in weDevs WP Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Project Manager: from n/a through 2.6.7.
CVE-2024-24832	1 Metagauss	1 Eventprime	2025-02-04	8.2 High
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9.
CVE-2024-49596	1 Dell	2 Dell Wyse Management Suite Repository, Wyse Management Suite	2025-02-04	5.9 Medium
Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missing Authorization vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service and arbitrary file deletion
CVE-2024-45760	1 Dell	1 Openmanage Server Administrator	2025-02-04	4.3 Medium
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via the HTTP GET method leading to unauthorized action with elevated privileges.
CVE-2024-50967			2025-02-04	6.5 Medium
The /rest/rights/ REST API endpoint in Becon DATAGerry through 2.2.0 contains an Incorrect Access Control vulnerability. An attacker can remotely access this endpoint without authentication, leading to unauthorized disclosure of sensitive information.
CVE-2023-1414	1 Rextheme	1 Wp Vr	2025-02-04	4.3 Medium
The WP VR WordPress plugin before 8.3.0 does not have authorisation and CSRF checks in various AJAX actions, one in particular could allow any authenticated users, such as subscriber to update arbitrary tours
CVE-2023-49831	1 Metagauss	1 Registrationmagic	2025-02-04	7.5 High
Missing Authorization vulnerability in Metagauss User Registration Forms RegistrationMagic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through 5.2.3.0.
CVE-2024-32682	1 Bdthemes	1 Prime Slider	2025-02-04	7.1 High
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.
CVE-2024-32681	2 Bdthemes, Elementor	2 Prime Slider, Elementor	2025-02-04	4.3 Medium
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.
CVE-2024-25935	1 Metagauss	1 Registrationmagic	2025-02-03	4.3 Medium
Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9.

« first previous Page 268 of 383. next last »