• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-863

CVE-2020-5343

February 26, 2023 by

Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.

CVE-2020-5275

February 26, 2023 by

In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule’s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7.

CVE-2020-5279

February 26, 2023 by

In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper access control since the the version 1.5.0.0 for legacy controllers. – admin-dev/index.php/configure/shop/customer-preferences/ – admin-dev/index.php/improve/international/translations/ – admin-dev/index.php/improve/international/geolocation/ – admin-dev/index.php/improve/international/localization – admin-dev/index.php/configure/advanced/performance – admin-dev/index.php/sell/orders/delivery-slips/ – admin-dev/index.php?controller=AdminStatuses The problem is fixed in 1.7.6.5

CVE-2020-5287

February 26, 2023 by

In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper access control on customers search. The problem is fixed in 1.7.6.5.

CVE-2020-5288

February 26, 2023 by

“In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is improper access controls on product attributes page. The problem is fixed in 1.7.6.5.

CVE-2020-5293

February 26, 2023 by

In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 21
  • Go to page 22
  • Go to page 23
  • Go to page 24
  • Go to page 25
  • Interim pages omitted …
  • Go to page 192
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE