Search Results | AttackerKB

Show filters

Topics 1,956 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

1,956 Total Results

Displaying 61-70 of 1,956

Attacker Value

Unknown

CVE-2024-55949

Disclosure Date: December 16, 2024 (last updated December 18, 2024)

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit `580d9db85e04f1b63cc2909af50f0ed08afa965f`. This issue has been addressed in commit `f246c9053f9603e610d98439799bdd2a6b293427` which is included in RELEASE.2024-12-13T22-19-12Z. There are no workarounds possible, all users are advised to upgrade immediately.

0

Attacker Value

Unknown

CVE-2024-54372

Disclosure Date: December 16, 2024 (last updated December 18, 2024)

Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection.This issue affects Insertify: from n/a through 1.1.4.

0

Attacker Value

Unknown

CVE-2024-54298

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in Bill Minozzi Car Dealer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Dealer: from n/a through 4.46.

0

Attacker Value

Unknown

CVE-2024-54267

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in CreativeMindsSolutions CM Answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a through 3.2.6.

0

Attacker Value

Unknown

CVE-2023-41873

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in miniOrange SAML SP Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SAML SP Single Sign On: from n/a through 5.0.4.

0

Attacker Value

Unknown

CVE-2023-37987

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in miniOrange YourMembership Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YourMembership Single Sign On: from n/a through 1.1.3.

0

Attacker Value

Unknown

CVE-2023-32599

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in Bill Minozzi reCAPTCHA for all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects reCAPTCHA for all: from n/a through 1.22.

0

Attacker Value

Unknown

CVE-2023-47776

Disclosure Date: December 09, 2024 (last updated December 21, 2024)

Missing Authorization vulnerability in miniOrange miniorange otp verification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects miniorange otp verification: from n/a through 4.2.1.

0

Attacker Value

Unknown

CVE-2023-25455

Disclosure Date: December 09, 2024 (last updated December 21, 2024)

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.0.

0

Attacker Value

Unknown

CVE-2023-24375

Disclosure Date: December 09, 2024 (last updated December 21, 2024)

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14.

0