The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2021-27771 | User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files. | MEDIUM | May 13, 2022 | n/a |
| CVE-2021-35238 | User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website. | LOW | Sep 1, 2021 | n/a |
| CVE-2023-0382 | User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1 due to uncontrolled memory consumption. | -- | Apr 5, 2023 | n/a |
| CVE-2023-29051 | User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users and contexts. We now make sure that the switch to disable user-generated templates by default works as intended and will remove the feature in future generations of the product. No publicly available exploits are known. | -- | Jan 9, 2024 | n/a |
| CVE-2023-41710 | User-defined script code could be stored for a upsell related shop URL. This code was not correctly sanitized when adding it to DOM. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added sanitization for this content. No publicly available exploits are known. | -- | Jan 9, 2024 | n/a |
| CVE-2019-11514 | User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mishandles invalidation of user email tokens. | MEDIUM | May 2, 2019 | n/a |
| CVE-2018-17037 | user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3. | MEDIUM | Sep 14, 2018 | n/a |
| CVE-2018-20569 | user/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass. | HIGH | Dec 28, 2018 | n/a |
| CVE-2017-16030 | Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier. | MEDIUM | Jun 4, 2018 | n/a |
| CVE-2021-22676 | UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). | MEDIUM | Aug 10, 2021 | n/a |
| CVE-2020-13405 | userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request. | MEDIUM | Jul 17, 2020 | n/a |
| CVE-2019-12737 | UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials. | MEDIUM | Oct 8, 2019 | n/a |
| CVE-2022-35132 | Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module. | -- | Oct 26, 2022 | n/a |
| CVE-2020-13461 | Username enumeration in present in Tufin SecureTrack. It\'s affecting all versions of SecureTrack. The vendor has decided not to fix this vulnerability. Vendor\'s response: This attack requires access to the internal network. If an attacker is part of the internal network, they do not require access to TOS to know the usernames. | LOW | Feb 12, 2021 | n/a |
| CVE-2022-1631 | Users Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account. | MEDIUM | May 9, 2022 | n/a |
| CVE-2021-27772 | Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users knowledge. | MEDIUM | May 13, 2022 | n/a |
| CVE-2022-3162 | Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group. | -- | Nov 11, 2022 | n/a |
| CVE-2020-11826 | Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY table in the memono.sqlite database. | MEDIUM | Apr 16, 2020 | n/a |
| CVE-2022-26884 | Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher. | -- | Oct 28, 2022 | n/a |
| CVE-2021-30360 | Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges. | HIGH | Jan 14, 2022 | n/a |
| CVE-2023-2728 | Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers. | -- | Jun 16, 2023 | n/a |
| CVE-2023-2727 | Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. | -- | Jun 16, 2023 | n/a |
| CVE-2022-3294 | Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server\'s private network. | -- | Nov 11, 2022 | n/a |
| CVE-2018-2459 | Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user. | MEDIUM | Sep 11, 2018 | n/a |
| CVE-2020-24301 | Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user\'s browser. The impact of this vulnerability is believed to be low, as this module is intended for testing and not believed to be widely used for any production purposes. | MEDIUM | Oct 8, 2020 | n/a |
| CVE-2022-0377 | Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a POST request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is changed with a MD5 value. This process can be conducted only when type of the image is JPG or PNG. An attacker can use this vulnerability in order to rename an arbitrary image file. By doing this, they could destroy the design of the web site. | LOW | Feb 28, 2022 | n/a |
| CVE-2023-29052 | Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added sanitization for this content. No publicly available exploits are known. | -- | Jan 9, 2024 | n/a |
| CVE-2023-26456 | Users were able to set an arbitrary product name for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured to trigger persistent code execution, allowing an attacker to build a foothold. Sanitization is in place for product names now. No publicly available exploits are known. | -- | Nov 2, 2023 | n/a |
| CVE-2019-1003049 | Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches. | MEDIUM | Apr 15, 2019 | n/a |
| CVE-2021-32039 | Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code including and prior to version 0.7.0 | LOW | Jan 20, 2022 | n/a |
| CVE-2024-2731 | Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users\' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available. | -- | Apr 10, 2024 | n/a |
| CVE-2024-3448 | Users with low privileges can perform certain AJAX actions. In this vulnerability instance, improper access to ajax?action=plugin:focus:checkIframeAvailability leads to a Server-Side Request Forgery by analyzing the error messages returned from the back-end. Allowing an attacker to perform a port scan in the back-end. At the time of publication of the CVE no patch is available. | -- | Apr 10, 2024 | n/a |
| CVE-2022-36966 | Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous. | -- | Oct 21, 2022 | n/a |
| CVE-2023-24490 | Users with only access to launch VDA applications can launch an unauthorized desktop | -- | Jul 11, 2023 | n/a |
| CVE-2017-1000502 | Users with permission to create or configure agents in Jenkins 1.37 and earlier could configure an EC2 agent to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of these agents now requires the 'Run Scripts' permission typically only granted to administrators. | HIGH | Jan 24, 2018 | n/a |
| CVE-2019-5615 | Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49. | Low | Apr 11, 2019 | n/a |
| CVE-2022-0984 | Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | MEDIUM | Apr 30, 2022 | n/a |
| CVE-2024-5685 | Users with User:edit and Self:api permissions can promote or demote themselves or other users by performing changes to the group\'s memberships via API call.This issue affects snipe-it: from v4.6.17 through v6.4.1. | -- | Jun 14, 2024 | n/a |
| CVE-2022-40309 | Users with write permissions to a repository can delete arbitrary directories. | -- | Nov 17, 2022 | n/a |
| CVE-2017-17543 | Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms. | MEDIUM | Apr 26, 2018 | n/a |
| CVE-2021-27885 | usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism. | MEDIUM | Mar 4, 2021 | n/a |
| CVE-2017-8269 | Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory. | Medium | Aug 16, 2017 | n/a |
| CVE-2020-25698 | Users\' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8, 3.8 to 3.8.5, 3.9 to 3.9.2 and earlier unsupported versions. Fixed in 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10. | MEDIUM | Nov 19, 2020 | n/a |
| CVE-2023-5879 | Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. This allows the attacker, with access to the android device, to potentially retrieve users\' clear text authentication credentials. | -- | Jan 4, 2024 | n/a |
| CVE-2020-14156 | user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. | MEDIUM | Jun 15, 2020 | n/a |
| CVE-2023-31447 | user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code. | -- | Aug 21, 2023 | n/a |
| CVE-2024-37886 | user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.5, 2.0.0, 3.0.0, 4.0.0 or 5.0.0. | -- | Jun 14, 2024 | n/a |
| CVE-2023-32074 | user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2 | -- | May 25, 2023 | n/a |
| CVE-2024-37312 | user_oidc app is an OpenID Connect user backend for Nextcloud. Missing access control on the ID4me endpoint allows an attacker to register an account eventually getting access to data that is available to all registered users. It is recommended that the OpenID Connect user backend is upgraded to 3.0.0 (Nextcloud 20-23), 4.0.0 (Nexcloud 24) or 5.0.0 (Nextcloud 25-28). | -- | Jun 14, 2024 | n/a |
| CVE-2022-39339 | user_oidc is an OpenID Connect user backend for Nextcloud. In versions prior to 1.2.1 sensitive information such as the OIDC client credentials and tokens are sent in plain text of HTTP without TLS. Any malicious actor with access to monitor user traffic may have been able to compromise account security. This issue has been addressed in in user_oidc v1.2.1. Users are advised to upgrade. Users unable to upgrade may use https to access Nextcloud. Set an HTTPS discovery URL in the provider settings (in Nextcloud OIDC admin settings). | -- | Nov 26, 2022 | n/a |
