Filtered by CWE-840
Total 51 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-6017 1 H2o 1 H2o 2024-08-02 7.1 High
H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.
CVE-2023-3228 1 Fossbilling 1 Fossbilling 2024-08-02 5.7 Medium
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.
CVE-2023-3229 1 Fossbilling 1 Fossbilling 2024-08-02 6.5 Medium
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.
CVE-2023-1887 1 Phpmyfaq 1 Phpmyfaq 2024-08-02 4.3 Medium
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1542 1 Answer 1 Answer 2024-08-02 5.4 Medium
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2023-1541 1 Answer 1 Answer 2024-08-02 3.8 Low
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2023-0565 1 Froxlor 1 Froxlor 2024-08-02 5.5 Medium
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10.
CVE-2024-39671 1 Huawei 2 Emui, Harmonyos 2024-08-02 9.3 Critical
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-32999 2024-08-02 6.8 Medium
Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-4046 2024-08-01 6.4 Medium
Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-1456 2024-08-01 N/A
An S3 bucket takeover vulnerability was identified in the h2oai/h2o-3 repository. The issue involves the S3 bucket 'http://s3.amazonaws.com/h2o-training', which was found to be vulnerable to unauthorized takeover.