All CVE vulnerabilities classified under this weakness type.
View on MITRE CWE10
0
0
0
Improper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.
Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerabil...
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endp...
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnerability that allows unauthorized device manipulation by accepting arbitrary serial numbers without ow...
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerability that allows authenticated users to access other users' pet data by exploiting missing ownership ...
alf.io is an open source ticket reservation system. Prior to version 2.0-Mr-2402, organization owners can view the generated API KEY and USERS of other organization owners using the `http://192.168.26...
Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragments are indexed and become publicly availa...
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules (document-level security, field-level sec...
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure v...