Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-1220
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4813 1 Usememos 1 Memos 2023-01-05 N/A 4.3 MEDIUM
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4801 1 Usememos 1 Memos 2023-01-05 N/A 5.3 MEDIUM
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-2475 1 Haascnc 2 Haas Controller, Haas Controller Firmware 2022-11-02 N/A 8.8 HIGH
Haas Controller version 100.20.000.1110 has insufficient granularity of access control when using the "Ethernet Q Commands" service. Any user is able to write macros into registers outside of the authorized accessible range. This could allow a user to access privileged resources or resources out of context.
CVE-2022-1461 1 Open-emr 1 Openemr 2022-05-04 4.0 MEDIUM 6.5 MEDIUM
Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1.
CVE-2022-1177 1 Open-emr 1 Openemr 2022-04-04 4.0 MEDIUM 4.3 MEDIUM
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.
CVE-2021-31384 1 Juniper 10 Junos, Srx1500, Srx300 and 7 more 2021-10-25 7.5 HIGH 10.0 CRITICAL
Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management configuration and filter rules which may otherwise protect access to J-Web. This issue affects: Juniper Networks Junos OS SRX Series 20.4 version 20.4R1 and later versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.