Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-280 (不充分权限或特权的处理不恰当) — Vulnerability Class 106

106 vulnerabilities classified as CWE-280 (不充分权限或特权的处理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-35228 Improper Handling of Insufficient Permissions in Wagtail — wagtail 5.5 Medium2024-05-30
CVE-2024-36112 Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects — nautobot 6.3 Medium2024-05-28
CVE-2024-35301 JetBrains TeamCity 安全漏洞 — TeamCity 5.5 Medium2024-05-16
CVE-2024-32882 Permission check bypass when editing a model with per-field restrictions in wagtail — wagtail 2.7 Low2024-05-02
CVE-2024-32000 Truncated content of messages can be leaked from matrix-appservice-irc — matrix-appservice-irc 4.3 Medium2024-04-12
CVE-2023-41972 Revert password check incorrect type validation — Client Connector 7.3 High2024-03-26
CVE-2024-0560 Apicast: use_3scale_oidc_issuer_endpoint of token introspection policy isn't compatible with rh-sso 7.5 or later versions 6.3 Medium2024-02-28
CVE-2023-39249 Dell SupportAssist for Business PCs 安全漏洞 — SupportAssist Client Consumer 6.3 Medium2024-02-14
CVE-2024-25108 Insufficient authorization allowing elevated access to resources in pixelfed — pixelfed 9.9 Critical2024-02-12
CVE-2023-25543 Dell Power Manager 安全漏洞 — Dell Power Manager (DPM) 7.8 High2024-02-06
CVE-2023-6189 Improper Permission Handling in M-Files Server — M-Files Server 4.3 Medium2023-11-22
CVE-2023-43591 Zoom Rooms 安全漏洞 — Zoom Rooms for macOS 7.8 High2023-11-14
CVE-2023-43087 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFS 4.3 Medium2023-11-02
CVE-2023-32489 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFS 6.7 Medium2023-08-16
CVE-2023-2480 Elevation of Privilege in M-Files Desktop Client — M-Files Client 7.5 High2023-05-25
CVE-2023-2020 Unauthorized scheduling of downtimes via REST API — Checkmk 4.3 Medium2023-04-18
CVE-2023-0181 NVIDIA GPU Display Driver for Windows 安全漏洞 — vGPU software (guest driver - Windows), vGPU software (guest driver - Linux), vGPU software (Virtual GPU Manager - Citrix Hypervisor, VMware vSphere, Red Hat Enterprise Linux KVM), NVIDIA Cloud Gaming (guest driver - Windows), NVIDIA Cloud Gaming (guest driver - Linux), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM) 7.1 High2023-04-01
CVE-2023-28114 `cilium-cli` disables etcd authorization for clustermesh clusters — cilium-cli 4.8 Medium2023-03-22
CVE-2023-21421 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 5.9 Medium2023-02-09
CVE-2022-4863 Improper Handling of Insufficient Permissions or Privileges in usememos/memos — usememos/memos 8.1 -2022-12-30
CVE-2022-39912 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 6.2 Medium2022-12-08
CVE-2022-39885 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 5.9 Medium2022-11-09
CVE-2022-39886 SAMSUNG Mobile devices 安全漏洞 — Samsung Mobile Devices 5.9 Medium2022-11-09
CVE-2022-39872 SAMSUNG Mobile devices 安全漏洞 — ShareLive 5.9 Medium2022-10-07
CVE-2022-36874 SAMSUNG Mobile devices 安全漏洞 — Waterplugin 5.9 Medium2022-09-09
CVE-2022-34368 Dell EMC NetWorker 安全漏洞 — NetWorker Management Console 6.1 Medium2022-08-30
CVE-2022-2193 HYPR Server 安全漏洞 — HYPR Server 7.5 High2022-07-19
CVE-2022-30727 Samsung mobile 安全漏洞 — Samsung Mobile Devices 6.2 Medium2022-06-07
CVE-2022-30725 Samsung mobile 安全漏洞 — Samsung Mobile Devices 4.0 Medium2022-06-07
CVE-2022-30724 Samsung mobile 安全漏洞 — Samsung Mobile Devices 4.0 Medium2022-06-07

Vulnerabilities classified as CWE-280 (不充分权限或特权的处理不恰当) represent 106 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.