Total
1567 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55621 | 1 Reolink | 1 Reolink | 2025-10-02 | 6.5 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social platform on which users expect to find one another. | ||||
| CVE-2025-51533 | 2 Sage, Sagedpw | 2 Dpw, Sage Dpw | 2025-10-01 | 5.3 Medium |
| An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request. | ||||
| CVE-2024-52507 | 1 Nextcloud | 1 Tables | 2025-10-01 | 3.5 Low |
| Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1. | ||||
| CVE-2024-52511 | 1 Nextcloud | 1 Tables | 2025-10-01 | 6.3 Medium |
| Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0. | ||||
| CVE-2024-32045 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-09-30 | 5.9 Medium |
| Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to enforce proper access controls for channel and team membership when linking a playbook run to a channel which allows members to link their runs to private channels they were not members of. | ||||
| CVE-2024-33542 | 1 Crelly Slider Project | 1 Crelly Slider | 2025-09-29 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5. | ||||
| CVE-2025-8789 | 1 Portabilis | 1 I-educar | 2025-09-25 | 4.3 Medium |
| A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-9081 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-09-25 | 3.1 Low |
| Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration | ||||
| CVE-2024-10439 | 2 Sun.net, Sunnet | 2 Ehrd Ctms, Ehrd Ctms | 2025-09-25 | 5.3 Medium |
| The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user. | ||||
| CVE-2024-11146 | 1 I3verticals | 1 Truefiling | 2025-09-24 | 6.3 Medium |
| TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some client-controlled identifiers passed in URL requests to retrieve information. Platform users must self-register for an account, and once authenticated, could manipulate those identifiers to gain partial access to case information and the ability to partially change user access to case information. This vulnerability was addressed in version 3.1.112.19 and all instances were updated by 2024-11-08. | ||||
| CVE-2025-22608 | 1 Coollabs | 1 Coolify | 2025-09-19 | 6.5 Medium |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to revoke any team invitations on a Coolify instance by only providing a predictable and incrementing ID, resulting in a Denial-of-Service attack (DOS). Version 4.0.0-beta.361 fixes the issue. | ||||
| CVE-2025-59034 | 1 Cern | 1 Indico | 2025-09-17 | 4.3 Medium |
| Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8, a legacy API to retrieve user details could be misused to retrieve profile details of other users without having admin permissions due to a broken access check. Users should to update to Indico 3.3.8 as soon as possible. As a workaround, it is possible to restrict access to the affected API (e.g. in the webserver config). | ||||
| CVE-2025-53640 | 1 Cern | 1 Indico | 2025-09-15 | 6.5 Medium |
| Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Starting in version 2.2 and prior to version 3.3.7, an endpoint used to display details of users listed in certain fields (such as ACLs) could be misused to dump basic user details (such as name, affiliation and email) in bulk. Version 3.3.7 fixes the issue. Owners of instances that allow everyone to create a user account, who wish to truly restrict access to these user details, should consider restricting user search to managers. As a workaround, it is possible to restrict access to the affected endpoints (e.g. in the webserver config), but doing so would break certain form fields which could no longer show the details of the users listed in those fields, so upgrading instead is highly recommended. | ||||
| CVE-2025-49135 | 2 Cvat, Cvat-ai | 2 Computer Vision Annotation Tool, Cvat | 2025-09-15 | 6.5 Medium |
| CVAT is an open source interactive video and image annotation tool for computer vision. Versions 2.2.0 through 2.39.0 have no validation during the import process of a project or task backup to check that the filename specified in the query parameter refers to a TUS-uploaded file belonging to the same user. As a result, if an attacker with a CVAT account and a `user` role knows the filenames of other users' uploads, they could potentially access and steal data by creating projects or tasks using those files. This issue does not affect annotation or dataset TUS uploads, since in this case object-specific temporary directories are used. Users should upgrade to CVAT 2.40.0 or a later version to receive a patch. No known workarounds are available. | ||||
| CVE-2024-8261 | 1 Prolizyazilim | 1 Student Affairs Information System | 2025-09-12 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OBS: before 24.0927. | ||||
| CVE-2024-1107 | 2 Talya Informatics, Talyabilisim | 2 Travel Apps, Travel Apps | 2025-09-12 | 9.8 Critical |
| Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel APPS: before v17.0.68. | ||||
| CVE-2025-9263 | 1 Xuxueli | 1 Xxl-job | 2025-09-11 | 4.3 Medium |
| A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9264 | 1 Xuxueli | 1 Xxl-job | 2025-09-11 | 5.4 Medium |
| A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource identifiers. Remote exploitation of the attack is possible. The exploit has been made public and could be used. | ||||
| CVE-2024-46982 | 1 Vercel | 1 Next.js | 2025-09-10 | 7.5 High |
| Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, & 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version. | ||||
| CVE-2025-55370 | 1 Jishenghua | 1 Jsherp | 2025-09-09 | 8.8 High |
| Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value. | ||||