CWE-285: Improper Authorization
All CWE-285 CVEs (301)
Nov 12, 2025: This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in File Browser versions before 2.45.1. Any authenticated user with share ...
Nov 7, 2025: This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to reset passwords for any user account, including admi...
Jul 8, 2025: This vulnerability allows any authenticated Juju controller user to upload malicious agent binaries to any model or the controller itself, bypassing p...
Jul 2, 2025: Graylog users can create API tokens for any user, including administrators, by exploiting weak permission checks in the REST API. This allows privileg...
May 31, 2025: The Offsprout Page Builder WordPress plugin contains an authorization vulnerability that allows authenticated users with Contributor-level access or h...
May 31, 2025: The WP-GeoMeta WordPress plugin versions 0.3.4 to 0.3.5 contain a privilege escalation vulnerability where authenticated users with Subscriber-level a...
May 22, 2025: OpenFGA versions 1.8.0 through 1.8.12 contain an authorization bypass vulnerability in Check and ListObject API calls. Attackers can bypass intended p...
May 21, 2025: A bug in XWiki's required rights enforcement allows users with edit rights to set programming rights as required rights on documents. If a user with p...
May 13, 2025: The Frontend Dashboard WordPress plugin versions 1.0 to 2.2.7 contain a privilege escalation vulnerability due to missing capability checks in the aja...
Jan 6, 2025: tgstation-server versions before 6.12.3 have an authorization bypass vulnerability where role permissions were incorrectly combined using OR logic ins...
Oct 25, 2024: The Mapster WP Maps WordPress plugin has an insufficient capability check vulnerability that allows authenticated attackers with contributor-level acc...
Oct 15, 2024: Sakai Collaboration and Learning Environment versions 23.0 through 23.2 contain an authorization bypass vulnerability where users created with 'rolevi...
Oct 14, 2024: Apache ActiveMQ Artemis versions before 2.29.0 expose the Log4J2 MBean through the authenticated Jolokia endpoint, allowing authenticated non-administ...
Oct 2, 2024: This vulnerability in Cisco Small Business VPN routers allows authenticated remote attackers to escalate privileges from guest to admin by exploiting ...
Sep 11, 2024: This vulnerability allows authenticated remote attackers to bypass authorization checks in the JSON-RPC API of affected Cisco products, enabling unaut...
Sep 10, 2024: This vulnerability in Bareos allows users to bypass command access controls by using command abbreviations. When negative ACLs are configured to forbi...
Sep 3, 2024: SudoBot Discord moderation bot versions before 9.26.7 contain a privilege escalation vulnerability in the -config command that allows any user to modi...
May 1, 2024: This vulnerability allows attackers to upload arbitrary firmware to Milesight UR32L routers through the luci2-io file-import functionality. Attackers ...
Jan 19, 2024: This vulnerability in IBM OpenPages with Watson allows authenticated users to bypass authorization checks by accessing non-public APIs. Attackers can ...
Sep 27, 2023: Dell NetWorker 19.7 has an improper authorization vulnerability in its client component. An unauthenticated attacker on the same network can manipulat...
Apr 5, 2023: This vulnerability allows a user with Technician profile in GLPI to generate a personal token for a Super-Admin account, enabling privilege escalation...
Feb 17, 2023: DIAEnergie versions before v1.9.03.001 contain an improper authorization vulnerability that allows unauthorized users to bypass authentication and acc...
Feb 11, 2023: This vulnerability allows authenticated remote users with limited privileges (like Monitoring role) to bypass authorization controls in PowerPath Mana...
Jun 16, 2022: CVE-2022-30670 is an improper authorization vulnerability in Adobe RoboHelp Server that allows authenticated attackers to escalate privileges to full ...
Apr 28, 2022: CVE-2021-43939 is an improper authorization vulnerability in Elcomplus SmartPTT where low-privileged authenticated users can bypass authorization cont...
Dec 7, 2021: This vulnerability allows an attacker with access to the Inforail Service in Ivanti Avalanche to escalate privileges, potentially gaining administrati...
Oct 15, 2021: This vulnerability allows authenticated users in the ShinHer StudyOnline System to bypass authorization controls and access/modify other users' creden...
Jul 12, 2021: This vulnerability in Nextcloud Server allows application-specific authentication tokens to escalate their own permissions. Tokens configured with no ...
Jul 8, 2021: This vulnerability allows authenticated remote attackers to elevate privileges to Administrator in Cisco Business Process Automation (BPA) web managem...
Jul 8, 2021: This vulnerability allows authenticated remote attackers to elevate privileges to Administrator in Cisco Business Process Automation (BPA) web managem...
May 14, 2021: This vulnerability allows low-privileged users in WordPress to install and activate arbitrary plugins from the official repository via an AJAX endpoin...
May 14, 2021: This vulnerability allows low-privileged users in WordPress to install and activate arbitrary plugins from the official repository via an AJAX endpoin...
May 14, 2021: This vulnerability allows low-privileged WordPress users (like subscribers or contributors) to install and activate arbitrary plugins from the officia...
May 14, 2021: This vulnerability allows low-privileged WordPress users (subscriber/contributor level) to install and activate arbitrary plugins from the WordPress r...
Jun 10, 2025: CVE-2025-46840 is an improper authorization vulnerability in Adobe Experience Manager that allows low-privileged attackers to bypass security controls...
Apr 30, 2025: An improper authorization vulnerability in Azure Bot Framework SDK allows unauthorized attackers to elevate privileges over a network. This affects or...
Apr 9, 2021: An improper authorization vulnerability in Samsung Members app's 'samsungrewards' deeplink scheme allows remote attackers to access user data associat...
Mar 3, 2023: This critical vulnerability in KylinSoft kylin-activation on KylinOS allows local attackers to bypass authorization controls through file import funct...
Oct 10, 2024: This CVE allows malicious websites to bypass CORS origin validation in Gradio servers when cookies are present, enabling unauthorized requests to loca...
Jan 21, 2026: Apache Solr deployments using RuleBasedAuthorizationPlugin with specific configurations are vulnerable to unauthorized API access. Attackers can bypas...
Jun 10, 2025: Adobe Commerce has an improper authorization vulnerability that allows attackers to bypass security measures and gain unauthorized access. This affect...
May 7, 2025: The PeproDev Ultimate Profile Solutions WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to modify us...
Jun 13, 2024: This CVE describes an Improper Authorization vulnerability in Adobe Commerce that allows attackers to bypass security measures without user interactio...
Nov 1, 2021: The OptinMonster WordPress plugin vulnerability allows attackers to bypass authorization checks and access sensitive information or modify plugin sett...
Feb 25, 2026: OpenEMR patient portal users can forge provider signatures by exploiting an authorization bypass in the signature upload endpoint. This affects all Op...
Nov 26, 2025: In OneUptime version 9.0.5598, low-permission users can bypass the intended user interface and create new accounts directly through API requests. This...
Nov 19, 2025: This CVE describes an authorization flaw in Rallly's poll management feature where any authenticated user can pause or resume any poll by using only t...
Nov 19, 2025: This CVE describes an insecure direct object reference (IDOR) vulnerability in Rallly, an open-source scheduling tool. Any authenticated user can dele...
Nov 11, 2025: The Astra Security Suite WordPress plugin has an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files t...
Oct 22, 2025: Hono's JWT Auth Middleware lacks built-in audience (aud) claim verification, allowing valid tokens issued for different services to be accepted when m...
About CWE-285
Our database tracks 301 CVEs classified as CWE-285, with 44 rated critical and 147 rated high severity. The average CVSS score for CWE-285 vulnerabilities is 7.2.
External reference: View CWE-285 on MITRE CWE