• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-862

CVE-2020-13422

February 26, 2023 by

OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/* administrative actions.

CVE-2020-13425

February 26, 2023 by

TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.

CVE-2020-13445

February 26, 2023 by

In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates.

CVE-2020-13296

February 26, 2023 by

An issue has been discovered in GitLab affecting versions >=10.7 =13.1.0 =13.2.0 <13.2.6. Improper Access Control for Deploy Tokens

CVE-2020-13319

February 26, 2023 by

An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. Missing permission check for adding time spent on an issue.

CVE-2020-13266

February 26, 2023 by

Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users’ deploy keys under certain conditions

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Go to page 46
  • Interim pages omitted …
  • Go to page 211
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE