Filtered by CWE-264

Search

Switch to Advanced Search (Beta)
Total 5458 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-3643 1 Solarwinds 1 Virtualization Manager 2025-03-07 7.8 High
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
CVE-2024-53011 2025-03-05 7.9 High
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
CVE-2013-3689 1 Brickcom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2025-03-04 N/A
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.
CVE-2025-27521 2025-03-04 6.8 Medium
Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-43064 1 Qualcomm 60 Qam8255p, Qam8255p Firmware, Qam8295p and 57 more 2025-02-28 7.5 High
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.
CVE-2022-29444 1 Cloudways 1 Breeze 2025-02-20 6.5 Medium
Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be further used for XSS attack.
CVE-2022-29423 1 Edmonsoft 1 Countdown Builder 2025-02-20 3.8 Low
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.
CVE-2022-33198 1 Oxilab 1 Accordions 2025-02-20 9.8 Critical
Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <= 2.0.2 at WordPress.
CVE-2022-34487 1 Oxilab 1 Shortcode Addons 2025-02-20 9.8 Critical
Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress.
CVE-2022-27235 1 Supsystic 1 Social Share Buttons 2025-02-20 6.3 Medium
Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.
CVE-2022-33969 1 Oxilab 1 Flipbox 2025-02-20 7.2 High
Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress.
CVE-2022-36375 1 Oxilab 1 Responsive Tabs 2025-02-20 7.2 High
Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress.
CVE-2022-33970 1 Oxilab 1 Shortcode Addons 2025-02-20 7.2 High
Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.
CVE-2022-25649 1 Storeapps 1 Affiliate For Woocommerce 2025-02-20 5 Medium
Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress.
CVE-2022-34149 1 Miniorange 1 Wp Oauth Server 2025-02-20 9.8 Critical
Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.
CVE-2022-35242 1 59sec 1 The Leads Management System\ 2025-02-20 6.5 Medium
Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress.
CVE-2022-34868 1 Yookassa 1 Yukassa For Woocommerce 2025-02-20 8.8 High
Authenticated Arbitrary Settings Update vulnerability in YooMoney ЮKassa для WooCommerce plugin <= 2.3.0 at WordPress.
CVE-2022-36425 1 Fastlinemedia 1 Beaver Builder 2025-02-20 5.4 Medium
Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.
CVE-2022-36387 1 About-me Project 1 About-me 2025-02-20 7.6 High
Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at WordPress.
CVE-2022-37344 1 Accommodation-system Project 1 Accommodation-system 2025-02-20 7.6 High
Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress.