ReportizFlow
Filtered by vendor
Subscriptions
Total
1612 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12270 | 1 Learnhouse | 1 Learnhouse | 2025-10-31 | 4.3 Medium |
| A vulnerability was determined in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The impacted element is an unknown function of the file /api/v1/assignments/{assignment_id}/tasks/{task_id}/sub_file of the component Student Assignment Submission Handler. This manipulation causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-52446 | 4 Linux, Microsoft, Salesforce and 1 more | 4 Linux Kernel, Windows, Tableau Server and 1 more | 2025-10-31 | 8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (tab-doc api modules) allows Interface Manipulation (data access to the production database cluster).This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. | ||||
| CVE-2025-52447 | 4 Linux, Microsoft, Salesforce and 1 more | 4 Linux Kernel, Windows, Tableau Server and 1 more | 2025-10-31 | 8.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (set-initial-sql tabdoc command modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. | ||||
| CVE-2025-52448 | 4 Linux, Microsoft, Salesforce and 1 more | 4 Linux Kernel, Windows, Tableau Server and 1 more | 2025-10-31 | 8.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (validate-initial-sql api modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. | ||||
| CVE-2025-9559 | 2 Pega, Pegasystems | 2 Pega Platform, Pega Infinity | 2025-10-30 | 6.5 Medium |
| Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data. | ||||
| CVE-2025-10759 | 1 Webkul | 1 Qloapps | 2025-10-30 | 5.3 Medium |
| A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass. The attack may be initiated remotely. The exploit is now public and may be used. The vendor explains: "As We are already aware about this vulnerability and our Internal team are already working on this issue. (...) We'll implement the fix for this vulnerability in our next major release." | ||||
| CVE-2025-31997 | 1 Hcltech | 2 Unica, Unica Centralized Offer Management | 2025-10-29 | 4.2 Medium |
| HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR). An attacker can bypass authorization and access resources in the system directly, for example database records or files. | ||||
| CVE-2025-0058 | 1 Sap | 1 Sap Basis | 2025-10-24 | 6.5 Medium |
| In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable. | ||||
| CVE-2021-39226 | 3 Fedoraproject, Grafana, Redhat | 5 Fedora, Grafana, Enterprise Linux and 2 more | 2025-10-24 | 9.8 Critical |
| Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects. | ||||
| CVE-2025-58055 | 1 Discourse | 1 Discourse | 2025-10-23 | 4.3 Medium |
| Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topic_id” value in API requests to the AI suggestion endpoints, users could target specific restricted topics. The AI model’s responses then disclosed information that the authenticated user couldn’t normally access. This issue is fixed in version 3.5.1. To workaround this issue, users can restrict group access to the AI helper feature through the "composer_ai_helper_allowed_groups" and "post_ai_helper_allowed_groups" site settings. | ||||
| CVE-2024-9097 | 1 Zohocorp | 1 Manageengine Endpoint Central | 2025-10-22 | 3.5 Low |
| ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat. | ||||
| CVE-2025-40658 | 1 Acc | 1 Dm Corporative Cms | 2025-10-22 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelection.asp. | ||||
| CVE-2025-40659 | 1 Acc | 1 Dm Corporative Cms | 2025-10-22 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp. | ||||
| CVE-2025-40660 | 1 Acc | 1 Dm Corporative Cms | 2025-10-22 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/select node/data.asp?mode=catalogue&id1=1&id2=1session=&cod=1&networks=0. | ||||
| CVE-2025-40661 | 1 Acc | 1 Dm Corporative Cms | 2025-10-22 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/selection.asp. | ||||
| CVE-2025-45968 | 1 System Pdv Project | 1 System Pdv | 2025-10-21 | 9.8 Critical |
| An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference (IDOR) vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by this parameter. This allows direct access to other users' data or internal resources without proper permission. Successful exploitation of this flaw may result in the exposure of sensitive information. | ||||
| CVE-2025-41020 | 1 Sergestec | 1 Exito | 2025-10-21 | 7.5 High |
| Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito v8.0. This vulnerability allows an attacker to access data belonging to other customers through the 'id' parameter in '/admin/ticket_a4.php'. | ||||
| CVE-2025-7106 | 1 Librechat | 1 Librechat | 2025-10-20 | 5.3 Medium |
| danny-avila/librechat is affected by an authorization bypass vulnerability due to improper access control checks. The `checkAccess` function in `api/server/middleware/roles/access.js` uses `permissions.some()` to validate permissions, which incorrectly grants access if only one of multiple required permissions is present. This allows users with the 'USER' role to create agents despite having `CREATE: false` permission, as the check for `['USE', 'CREATE']` passes with just `USE: true`. This vulnerability affects other permission checks as well, such as `PROMPTS`. The issue is present in all versions prior to the fix. | ||||
| CVE-2025-40773 | 1 Siemens | 1 Sipass Integrated | 2025-10-20 | 3.5 Low |
| A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications contains a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation allows an attacker to potentially manipulate data belonging to other users. | ||||
| CVE-2025-55795 | 1 Openml | 2 Openml, Openml.org | 2025-10-16 | 3.5 Low |
| The openml/openml.org web application version v2.0.20241110 uses incremental user IDs and insufficient email ownership verification during email update workflows. An authenticated attacker controlling a user account with a lower user ID can update their email address to that of another user with a higher user ID without proper verification. This results in the victim's email being reassigned to the attacker's account, causing the victim to be locked out immediately and unable to log in. The vulnerability leads to denial of service via account lockout but does not grant the attacker direct access to the victim's private data. | ||||