CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/16 2:19 p.m.•4 views

CVE-2026-3111

6.9CVSS0.00261EPSS

Cvelist•added 2026/03/16 9:37 a.m.•27 views

CVE-2026-3111 Multiple vulnerabilities on the Educativa Campus

6.9CVSS0.00261EPSS

Positive Technologies•added 2026/03/16 12:0 a.m.•7 views

PT-2026-25668

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumb AAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos o...

6.9CVSS5.8AI score0.00261EPSS

Hacker One•added 2026/01/21 3:7 a.m.•6 views

Nextcloud: IDOR on ██████ via direct photo URL leads to unauthorized access to deleted and other users' photos

Summary: An Insecure Direct Object Reference IDOR vulnerability exists in the application that allows unauthorized access to photos belonging to other users. The application does not properly validate whether the logged-in user is authorized to access a photo when accessing it via direct URL. Thi...

5.9AI score

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2024-20772

Malicious code in bioql PyPI...

7.5CVSS8.4AI score0.00411EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-36661

Malicious code in bioql PyPI...

2.4CVSS4.2AI score0.00287EPSS

RedhatCVE•added 2025/05/23 12:23 a.m.•4 views

CVE-2022-46717

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2. A user with physical access to a locked Apple Watch may be able to view user photos via accessibility features...

2.4CVSS5AI score0.00258EPSS

Vulnrichment•added 2023/06/23 12:0 a.m.•9 views

CVE-2023-32417

This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features...

5.5AI score0.00287EPSS

Cvelist•added 2023/06/23 12:0 a.m.•20 views

CVE-2023-32417

5.1AI score0.00287EPSS

Prion•added 2023/04/10 7:15 p.m.•19 views

Code injection

2.1CVSS3.6AI score0.00258EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2023/04/10 12:0 a.m.•3 views

CVE-2022-46717

2AI score0.00258EPSS

Cvelist•added 2023/04/10 12:0 a.m.•27 views

CVE-2022-46717

4.4AI score0.00258EPSS

CNVD•added 2020/06/08 12:0 a.m.•5 views

Abstrium Pydio Cells Cross-Site Scripting Vulnerability (CNVD-2020-33352)

Abstrium Pydio Cells is a next-generation file-sharing platform developed in the Go language by Abstrium France. A security vulnerability exists in Abstrium Pydio Cells version 2.0.4. The vulnerability can be exploited by an attacker to access other users' personal photos via a build URL...

5.4CVSS6.9AI score0.00826EPSS

Exploits1References1

HackRead•added 2020/02/27 3:37 p.m.•29 views

Clearview AI firm with photos of billions of unsuspecting users got HACKED

By Deeba Ahmed Clearview AI has billions of photos of innocent and unsuspecting users - Its entire list of clients was reportedly stolen by unknown hackers. This is a post from HackRead.com Read the original post: Clearview AI firm with photos of billions of unsuspecting users got HACKED...

2.7AI score

Wired Threat Level•added 2018/12/14 5:22 p.m.•106 views

Facebook Exposed 6.8 Million Users' Photos to Cap Off a Terrible 2018

In the latest in its long string of 2018 incidents, Facebook let developers access the private photos of millions of users...

3.4AI score

Hacker One•added 2017/09/13 7:51 p.m.•34 views

Cuvva: Insecure Direct Object Reference (IDOR) Allowing me to claim other user's photos (driving license and selfies) as mine

We weren't properly validating the photo fields on customer profiles. Although this couldn't lead to information disclosure or privacy issues, it would have caused various issues with our internal ops systems. Thanks again for another clear and helpful report!...

6.5AI score