Total
6628 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53343 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Modernize: from n/a through 3.4.0. | |||||
| CVE-2025-54730 | 2025-08-15 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embedder for Google Reviews: from n/a through 1.7.3. | |||||
| CVE-2025-54712 | 2025-08-15 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7. | |||||
| CVE-2024-12553 | 1 Geovision | 1 Gv-asmanager | 2025-08-14 | N/A | 6.5 MEDIUM |
| GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision GV-ASManager. Although authentication is required to exploit this vulnerability, default guest credentials may be used. The specific flaw exists within the GV-ASWeb service. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25394. | |||||
| CVE-2025-49747 | 1 Microsoft | 1 Azure Machine Learning | 2025-08-14 | N/A | 9.9 CRITICAL |
| Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-50171 | 1 Microsoft | 3 Windows Server 2022, Windows Server 2022 23h2, Windows Server 2025 | 2025-08-14 | N/A | 9.1 CRITICAL |
| Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2025-54692 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Membership For WooCommerce: from n/a through 2.9.0. | |||||
| CVE-2025-50031 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in syedamirhussain91 DB Backup allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DB Backup: from n/a through 6.0. | |||||
| CVE-2025-28962 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in stefanoai Advanced Google Universal Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Google Universal Analytics: from n/a through 1.0.3. | |||||
| CVE-2025-52721 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in LCweb Global Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Global Gallery: from n/a through 9.2.3. | |||||
| CVE-2025-52800 | 2025-08-14 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3. | |||||
| CVE-2025-50029 | 2025-08-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Ashish AI Tools allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AI Tools: from n/a through 4.0.7. | |||||
| CVE-2025-49052 | 2025-08-14 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Dariolee Netease Music allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Netease Music: from n/a through 3.2.1. | |||||
| CVE-2025-54705 | 2025-08-14 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in magepeopleteam WpEvently allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpEvently: from n/a through 4.4.6. | |||||
| CVE-2025-52801 | 2025-08-14 | N/A | 7.3 HIGH | ||
| Missing Authorization vulnerability in VonStroheim TheBooking allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects TheBooking: from n/a through 1.4.4. | |||||
| CVE-2025-52775 | 2025-08-14 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in Ronik@UnlimitedWP Project Cost Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Project Cost Calculator: from n/a through 1.0.0. | |||||
| CVE-2025-54679 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Neon Channel Product Customizer Free: from n/a through 2.0. | |||||
| CVE-2025-30639 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in ThemeAtelier IDonatePro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IDonatePro: from n/a through 2.1.9. | |||||
| CVE-2025-52731 | 2025-08-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Event Manager, Event Calendar and Booking Plugin: from n/a through 4.0.24. | |||||
| CVE-2025-52785 | 2025-08-14 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in softnwords SMM API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SMM API: from n/a through 6.0.30. | |||||