Payments Director in IBM Financial Transaction Manager (FTM) for ACH Services, Check Services, and Corporate Payment Services (CPS) 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order ...
Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essent...
The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, w...
Nextcloud office/richdocuments is an office suit for the nextcloud server platform. In affected versions the Collabora integration can be tricked to provide access to any file without proper permissio...
Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider.
Skype for Business Information Disclosure Vulnerability