Total
2747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33000 | 2024-05-14 | N/A | 3.5 LOW | ||
| SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. As a result, it has a low impact to confidentiality to the system. | |||||
| CVE-2024-4139 | 2024-05-14 | N/A | 4.3 MEDIUM | ||
| Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and Availability are not affected. | |||||
| CVE-2024-32731 | 2024-05-14 | N/A | 5.5 MEDIUM | ||
| SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality, integrity and availability of the application. | |||||
| CVE-2024-32719 | 2024-05-14 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in WP Club Manager.This issue affects WP Club Manager: from n/a through 2.2.11. | |||||
| CVE-2024-33942 | 2024-05-14 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Eric Alli Google Typography.This issue affects Google Typography: from n/a through 1.1.2. | |||||
| CVE-2024-33938 | 2024-05-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting (XSS).This issue affects Sliding Widgets: from n/a through 1.5.0. | |||||
| CVE-2024-33956 | 2024-05-14 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0. | |||||
| CVE-2024-32730 | 2024-05-14 | N/A | 6.5 MEDIUM | ||
| SAP Enable Now Manager does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker with the role 'Learner' could gain access to other user's data in manager which will lead to a high impact to the confidentiality of the application. | |||||
| CVE-2024-32724 | 2024-05-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Woo product importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy.This issue affects Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy: from n/a through 2.1.1. | |||||
| CVE-2024-32712 | 2024-05-14 | N/A | 7.5 HIGH | ||
| Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.14. | |||||
| CVE-2024-32717 | 2024-05-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8. | |||||
| CVE-2024-32776 | 2024-05-14 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. | |||||
| CVE-2024-4317 | 2024-05-14 | N/A | 3.1 LOW | ||
| Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that version. Current PostgreSQL installations will remain vulnerable until they follow the instructions in the release notes. Within major versions 14-16, minor versions before PostgreSQL 16.3, 15.7, and 14.12 are affected. Versions before PostgreSQL 14 are unaffected. | |||||
| CVE-2024-31270 | 2024-05-08 | N/A | 7.6 HIGH | ||
| Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1. | |||||
| CVE-2024-30459 | 2024-05-08 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in AIpost AI WP Writer.This issue affects AI WP Writer: from n/a through 3.6.5. | |||||
| CVE-2024-33573 | 2024-05-08 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in EPROLO EPROLO Dropshipping.This issue affects EPROLO Dropshipping: from n/a through 1.7.1. | |||||
| CVE-2024-4233 | 2024-05-08 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3. | |||||
| CVE-2024-24833 | 2024-05-08 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.10.1. | |||||
| CVE-2024-33574 | 2024-05-08 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in appsbd Vitepos.This issue affects Vitepos: from n/a through 3.0.1. | |||||
| CVE-2024-1438 | 2024-05-08 | N/A | 7.7 HIGH | ||
| Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from n/a through 1.0.9. | |||||