Total: 1693 CVEs

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-67165 | 1 Pagekit | 1 Pagekit | 2026-01-02 | N/A | 9.8 CRITICAL | An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges. |
| CVE-2021-47721 | 1 Orangescrum | 1 Orangescrum | 2025-12-31 | N/A | 8.8 HIGH | Orangescrum 1.8.0 contains a privilege escalation vulnerability that allows authenticated users to take over other project-assigned accounts by manipulating session cookies. Attackers can extract the victim's unique ID from the page source and replace their own session cookie to gain unauthorized access to another user's account. |
| CVE-2024-56143 | 1 Strapi | 1 Strapi | 2025-12-31 | N/A | 8.2 HIGH | Strapi is an open-source headless content management system. In versions from 5.0.0 to before 5.5.2, the lookup operator provided by the document service does not properly sanitize query parameters for private fields. An attacker can access private fields, including admin passwords and reset tokens, by crafting queries with the lookup parameter. This vulnerability is fixed in 5.5.2. |
| CVE-2024-53406 | 1 Espressif | 1 Esp-idf | 2025-12-31 | N/A | 8.8 HIGH | Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, creating an opportunity for attackers to execute security bypass attacks. |
| CVE-2025-64012 | 1 Invoiceplane | 1 Invoiceplane | 2025-12-31 | N/A | 4.3 MEDIUM | InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data. |
| CVE-2023-53930 | 1 Projectsend | 1 Projectsend | 2025-12-27 | N/A | 7.5 HIGH | ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.php. |
| CVE-2023-53914 | 1 Ulicms | 1 Ulicms | 2025-12-24 | N/A | 9.8 CRITICAL | UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative account with full system access. |
| CVE-2025-11247 | 1 Gitlab | 1 Gitlab | 2025-12-23 | N/A | 4.3 MEDIUM | GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to disclose sensitive information from private projects by executing specifically crafted GraphQL queries. |
| CVE-2025-12997 | 1 Medtronic | 1 Carelink Network | 2025-12-22 | N/A | 2.2 LOW | Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: before December 4, 2025. |
| CVE-2022-29287 | 1 Kentico | 1 Xperience | 2025-12-19 | 4.0 MEDIUM | 4.9 MEDIUM | Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password). |
| CVE-2025-34438 | 1 Wwbn | 1 Avideo | 2025-12-19 | N/A | 8.1 HIGH | AVideo versions prior to 20.1 contain an insecure direct object reference vulnerability allowing users with upload permissions to modify the rotation metadata of any video. The endpoint verifies upload capability but fails to enforce ownership or management rights for the targeted video. |
| CVE-2025-34437 | 1 Wwbn | 1 Avideo | 2025-12-19 | N/A | 8.8 HIGH | AVideo versions prior to 20.1 permit any authenticated user to upload comment images to videos owned by other users. The endpoint validates authentication but omits ownership checks, allowing attackers to perform unauthorized uploads to arbitrary video objects. |
| CVE-2025-34436 | 1 Wwbn | 1 Avideo | 2025-12-19 | N/A | 8.8 HIGH | AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. The upload functionality verifies authentication but does not enforce ownership checks. |
| CVE-2025-34435 | 1 Wwbn | 1 Avideo | 2025-12-19 | N/A | 6.5 MEDIUM | AVideo versions prior to 20.1 are vulnerable to an insecure direct object reference (IDOR) that allows any authenticated user to delete media files belonging to other users. The affected endpoint validates authentication but fails to verify ownership or edit permissions for the targeted video. |
| CVE-2025-64011 | 1 Nextcloud | 1 Nextcloud Server | 2025-12-19 | N/A | 4.3 MEDIUM | Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such as text files or images, without prior sharing permissions. |
| CVE-2025-43732 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-12-19 | N/A | 2.7 LOW | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 are vulnerable to Insecure Direct Object Reference (IDOR) in the groupId parameter of the _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. When an organization administrator modifies this parameter id value, they can gain unauthorized access to user lists from other organizations. |
| CVE-2025-58137 | 1 Apache | 1 Fineract | 2025-12-18 | N/A | 8.1 HIGH | Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release. |
| CVE-2020-36895 | 1 Eibiz | 1 I-media Server Digital Signage | 2025-12-17 | N/A | 7.5 HIGH | EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure vulnerability that allows remote attackers to access sensitive configuration files via direct object reference. Attackers can retrieve the SiteConfig.properties file through an HTTP GET request, exposing administrative credentials, database connection details, and system configuration information. |
| CVE-2023-49251 | 1 Siemens | 2 Simatic Cn 4100, Simatic Cn 4100 Firmware | 2025-12-16 | N/A | 8.8 HIGH | A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely log in as root and take control of the device even after the affected device is fully set up. |
| CVE-2022-0639 | 1 Url-parse Project | 1 Url-parse | 2025-12-16 | 5.0 MEDIUM | 5.3 MEDIUM | Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7. |
