ReportizFlow
Filtered by vendor Ikus-soft
Subscriptions
Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67796 | 1 Ikus-soft | 1 Rdiffweb | 2026-05-05 | 8.1 High |
| IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify other users data and, in some cases, perform privileged actions. This issue may enable cross-tenant access. Fixed in version 2.10.6. | ||||
| CVE-2022-3251 | 1 Ikus-soft | 1 Minarca | 2025-05-28 | 5.3 Medium |
| Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2. | ||||
| CVE-2022-3250 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-28 | 5.3 Medium |
| Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. | ||||
| CVE-2022-3233 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. | ||||
| CVE-2022-3268 | 1 Ikus-soft | 1 Minarca | 2025-05-23 | 9.8 Critical |
| Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2. | ||||
| CVE-2022-3267 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. | ||||
| CVE-2022-3274 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-22 | 3.5 Low |
| Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. | ||||
| CVE-2022-3269 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-22 | 9.8 Critical |
| Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. | ||||
| CVE-2022-3295 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 7.5 High |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3290 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 7.5 High |
| Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3301 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 2.4 Low |
| Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3272 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 7.5 High |
| Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3298 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 7.5 High |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3292 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-21 | 4.6 Medium |
| Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. | ||||
| CVE-2022-3326 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-20 | 4.3 Medium |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. | ||||
| CVE-2022-3364 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-20 | 7.5 High |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. | ||||
| CVE-2022-3371 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-20 | 7.5 High |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. | ||||
| CVE-2022-3456 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-15 | 9.8 Critical |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. | ||||
| CVE-2022-3457 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-15 | 9.8 Critical |
| Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5. | ||||
| CVE-2022-3439 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-14 | 9.8 Critical |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. | ||||