Lucene search
+L

93 matches found

Vulnrichment
Vulnrichment
added 2025/12/17 7:50 p.m.4 views

CVE-2025-34436 AVideo < 20.1 IDOR Arbitrary File Upload

AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. The upload functionality verifies authentication but does not enforce ownership checks...

8.7CVSS6.5AI score0.00383EPSS
Exploits0References4
CVE
CVE
added 2025/12/05 6:0 p.m.18 views

CVE-2025-66558

The issue affects Nextcloud Twofactor WebAuthn (WebAuthn Two-Factor Provider). Before versions 1.4.2 and 2.4.1, a missing ownership check allowed an attacker to remove a victim’s WebAuthn 2FA device by correctly guessing an 80–128 character random string. After a successful guess, the victim was ...

4.3CVSS6.2AI score0.00235EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/12/05 5:15 p.m.30 views

CVE-2025-66551 Nextcloud Tables is missing an ownership check which allows moving columns into tables of other users

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3...

6.3CVSS0.00214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/05 5:15 p.m.5 views

CVE-2025-66551 Nextcloud Tables is missing an ownership check which allows moving columns into tables of other users

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3...

6.3CVSS6.3AI score0.00214EPSS
Exploits0References4
Nextcloud
Nextcloud
added 2025/12/05 7:55 a.m.12 views

Missing ownership check in Tables app allows moving columns into tables of other users

None...

6.3CVSS5.2AI score0.00214EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.6 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.6.33, which stems from the API /api/tasks/stop/ direct access and cancel tasks without verifying user ownership, which could lead an...

4.3CVSS6.5AI score0.00263EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.10 views

CVE-2025-65033

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...

8.1CVSS6.6AI score0.00323EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/19 5:24 p.m.2 views

CVE-2025-65029 Rallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll Participants

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference IDOR vulnerability allows any authenticated user to delete arbitrary participants from polls without ownership verification. The endpoint relies solely on a participant ID to...

8.1CVSS6.4AI score0.00323EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/20 12:0 a.m.7 views

PT-2025-42792

Name of the Vulnerable Software and Affected Versions FileRise versions prior to 1.4.0 Description FileRise is a self-hosted web-based file manager. A flaw in file/folder handling allows low-privilege users to perform unauthorized operations view, delete, modify on files created by other users...

8.1CVSS6.3AI score0.00285EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/08/19 7:6 p.m.6 views

CVE-2025-55737 flaskBlog arbitrary comment delete

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code...

6.9CVSS7.4AI score0.00274EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.9 views

PT-2025-33855 · Flaskblog · Flaskblog

Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.0 Description: flaskBlog is a blog application built with Flask. A flaw exists where there is no validation of comment ownership during deletion. This allows any user to delete comments belonging to other users...

6.9CVSS7.1AI score0.00274EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/18 1:27 p.m.24 views

CVE-2025-4962 IDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunary

An Insecure Direct Object Reference IDOR vulnerability was identified in the POST /v1/templates endpoint of the Lunary API, affecting versions up to 0.8.8. This vulnerability allows authenticated users to create templates in another user's project by altering the projectId query parameter. The ro...

7.7CVSS0.00217EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2010/07/01 6:0 p.m.7 views

kernel: GFS2: The setflags ioctl() doesn't check file ownership

The dogfs2setflags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request...

4.6CVSS7.3AI score0.00384EPSS
Exploits0References4
Rows per page
Query Builder