CWE-841: CWE-841

FreeScout versions before 1.8.180 have a mass-assignment vulnerability in user record editing that allows authenticated users with edit permissions to...

CVE-2022-1667 allows attackers to bypass client-side JavaScript controls and reboot Programmable Logic Controllers (PLCs) by directly executing JavaSc...

This vulnerability allows attackers to bypass intended functionality in DECE Software Geodi by exploiting improper enforcement of behavioral workflows...

This vulnerability in Nextcloud Tables allows authenticated users to read arbitrary files from the server by importing specially crafted tables. The a...

This vulnerability allows an unauthorized attacker with physical access to bypass Windows BitLocker security features. It affects Windows systems usin...

This vulnerability allows an unauthorized attacker with physical access to bypass a Windows BitLocker security feature. It affects systems using BitLo...

This vulnerability in Aimeos frontend controller allows improper payment status persistence after purchase completion. Attackers could potentially man...

FreeScout versions before 1.8.180 have a mass assignment vulnerability during user creation that allows attackers to manipulate all fields in the User...

This CVE describes a business logic vulnerability in Open eClass (formerly GUnet eClass) where authenticated students can improperly mark themselves a...