A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive informat...

Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.

Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges o...

AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through ar...

EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.

ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.