Total
1029 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28686 | 3 Debian, Dino, Fedoraproject | 3 Debian Linux, Dino, Fedora | 2025-02-19 | N/A | 7.1 HIGH |
| Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information. | |||||
| CVE-2024-13601 | 1 Majesticsupport | 1 Majestic Support | 2025-02-18 | N/A | 4.3 MEDIUM |
| The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.5 via the 'exportusereraserequest' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export ticket data for any user. | |||||
| CVE-2023-26984 | 1 Peppermint | 1 Peppermint | 2025-02-18 | N/A | 8.1 HIGH |
| An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request. | |||||
| CVE-2025-26788 | 2025-02-15 | N/A | 8.4 HIGH | ||
| StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcredential) flow as a discoverable transaction. | |||||
| CVE-2024-1470 | 1 Netiq | 1 Client Login Extension | 2025-02-14 | N/A | 7.1 HIGH |
| Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6. | |||||
| CVE-2024-34520 | 2025-02-13 | N/A | 8.8 HIGH | ||
| An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add user' feature, by bypassing client-side access controls. | |||||
| CVE-2023-0967 | 1 Imaworldhealth | 1 Bhima | 2025-02-13 | N/A | 6.5 MEDIUM |
| Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive data of other application users and data that should only be viewed by the administrator. This is possible because the application is vulnerable to IDOR, it does not properly validate user permissions with respect to certain actions the user can perform. | |||||
| CVE-2024-1313 | 2025-02-13 | N/A | 6.5 MEDIUM | ||
| It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/<key> using its view key. This functionality is intended to only be available to individuals with the permission to write/edit to the snapshot in question, but due to a bug in the authorization logic, deletion requests issued by an unprivileged user in a different organization than the snapshot owner are treated as authorized. Grafana Labs would like to thank Ravid Mazon and Jay Chen of Palo Alto Research for discovering and disclosing this vulnerability. This issue affects Grafana: from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, from 10.3.0 before 10.3.5. | |||||
| CVE-2025-1270 | 2025-02-13 | N/A | 9.1 CRITICAL | ||
| Insecure direct object reference (IDOR) vulnerability in Anapi Group's h6web, allows an authenticated attacker to access other users' information by making a POST request and modifying the “pkrelated” parameter in the “/h6web/ha_datos_hermano.php” endpoint to refer to another user. In addition, the first request could also allow the attacker to impersonate other users. As a result, all requests made after exploitation of the IDOR vulnerability will be executed with the privileges of the impersonated user. | |||||
| CVE-2023-6897 | 1 Wpfactory | 1 Ean For Woocommerce | 2025-02-11 | N/A | 4.3 MEDIUM |
| The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata. | |||||
| CVE-2024-43322 | 1 Zephyr-one | 1 Zephyr Project Manager | 2025-02-11 | N/A | 5.4 MEDIUM |
| Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100. | |||||
| CVE-2025-24976 | 2025-02-11 | N/A | N/A | ||
| Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable to an issue in which token authentication allows an attacker to inject an untrusted signing key in a JSON web token (JWT). The issue lies in how the JSON web key (JWK) verification is performed. When a JWT contains a JWK header without a certificate chain, the code only checks if the KeyID (`kid`) matches one of the trusted keys, but doesn't verify that the actual key material matches. A fix for the issue is available at commit 5ea9aa028db65ca5665f6af2c20ecf9dc34e5fcd and expected to be a part of version 3.0.0-rc.3. There is no way to work around this issue without patching if the system requires token authentication. | |||||
| CVE-2023-1417 | 1 Gitlab | 1 Gitlab | 2025-02-11 | N/A | 4.3 MEDIUM |
| An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible for an unauthorised user to add child epics linked to victim's epic in an unrelated group. | |||||
| CVE-2024-6410 | 1 Metagauss | 1 Profilegrid | 2025-02-10 | N/A | 4.3 MEDIUM |
| The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.8.9 via the 'pm_upload_image' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change the profile picture of any user. | |||||
| CVE-2024-32683 | 1 Wpmet | 1 Wp Ultimate Review | 2025-02-09 | N/A | 5.3 MEDIUM |
| Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | |||||
| CVE-2023-6969 | 1 Kylebjohnson | 1 User Shortcodes Plus | 2025-02-07 | N/A | 5.3 MEDIUM |
| The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive user meta. | |||||
| CVE-2023-6317 | 1 Lg | 5 Lg43um7000pla, Oled48c1pub, Oled55a23la and 2 more | 2025-02-07 | N/A | 7.2 HIGH |
| A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. An attacker can create a privileged account without asking the user for the security PIN. Full versions and TV models affected: webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA webOS 5.5.0 - 04.50.51 running on OLED55CXPUA webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA | |||||
| CVE-2022-45175 | 1 Liveboxcloud | 1 Vdesk | 2025-02-07 | N/A | 6.5 MEDIUM |
| An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a target file. | |||||
| CVE-2018-17449 | 1 Gitlab | 1 Gitlab | 2025-02-07 | N/A | 7.5 HIGH |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Remote attackers could obtain sensitive information about issues, comments, and project titles via events API insecure direct object reference. | |||||
| CVE-2024-13457 | 1 Liquidweb | 1 Event Tickets | 2025-02-07 | N/A | 5.3 MEDIUM |
| The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.18.1 via the tc-order-id parameter due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view order details of orders they did not place, which includes ticket prices, user emails and order date. | |||||