Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2 hours ago5 views

EUVD-2026-35879

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3CVSS5.6AI score
Exploits0References4
Cvelist
Cvelistadded yesterday4 views

CVE-2026-53675 BuddyPress 14.4.0 Friends List IDOR via REST API

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary userid because the getitemspermissionscheck meth...

5.3CVSS
Exploits0References3
Positive Technologies
Positive Technologiesadded yesterday4 views

PT-2026-48337

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers can query the friends endpoint with an arbitrary user id because the get items permissions check...

5.3CVSS
Exploits0References4
Malwarebytes
Malwarebytesadded 2026/04/23 7:57 a.m.5 views

Roblox clamps down on chats and age checks as legal pressure builds

Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total is climbing fast. On April 21, Alabama Attorney General Steve Marshall announced a $12.2 million settlement with the child-focused online gaming...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2015/06/15 12:0 a.m.15 views

Fedora 21 : armacycles-ad-0.2.8.3.3-1.fc21 (2015-9504)

Changes since 0.2.8.3.2 : - security fix: do not read ahead of the beginning of network buffer. - security fix: don't attribute network errors from processing random packets to the connection to the server - security fix: while at it, don't process random packets unless they may be important - fi...

5.5AI score
Exploits0References1
The Hacker News
The Hacker Newsadded 2013/11/22 8:51 p.m.9 views

Facebook vulnerability allows to view hidden Facebook Friend List

Facebook is one of the most powerful and reliable social networking website. It allows users to interact with other users after being friends with one another. Facebook allows users to make the friend list public or private. If it is made private, your friend list won't appear on your publicly...

6.3AI score
Exploits0
The Hacker News
The Hacker Newsadded 2013/11/22 9:51 a.m.14 views

Facebook vulnerability allows to view hidden Facebook Friend List

None...

7AI score
Exploits0
Rows per page
Query Builder