CWE-863

PlugInsIDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!JPEGTransW+0x000000000000c7f4 via a crafted BMP image.

An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.

An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user’s permissions before executing a file deletion command.

In “Dolibarr” application, 2.8.1 to 13.0.4 don’t restrict or incorrectly restricts access to a resource from an unauthorized actor. A low privileged attacker can modify the Private Note which only an administrator has rights to do, the affected field is at “/adherents/note.php?id=1” endpoint.

In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.

In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.