11634 matches found
CVE-2026-11580 Kali Forms < 2.4.17 - Contributor+ Arbitrary Post Metadata Disclosure via IDOR
The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin before 2.4.17 does not perform a per-object capability check in its post-duplication AJAX action, allowing users with Contributor-level access or above to duplicate any post regardless of owner, post type, or status into a...
Danswer - Insecure Direct Object Reference
The application does not verify whether the attacker is the creator of the file, allowing the attacker to directly call the GET /api/chat/file/fileid interface to view any user's file. id: CVE-2024-9617 info: name: Danswer - Insecure Direct Object Reference author: s4e-io severity: medium...
Masteriyo LMS <= 1.7.3 - Insecure Direct Object Reference
Authentication Bypass Using an Alternate Path or Channel vulnerability in Masteriyo Masteriyo - LMS. Unauth access to course progress.This issue affects Masteriyo - LMS: from n/a through 1.7.3. id: CVE-2024-33939 info: name: Masteriyo LMS = 1.7.3 - Insecure Direct Object Reference author:...
CVE-2026-15637
Improper authorization in the PAM SSH key and certificate retrieval endpoints in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated low-privileged user to disclose the private key of an SSH key or certificate PAM credential via a direct object reference to the credential identifier...
CVE-2026-15058
Improper authorization in the secure messages deletion endpoint in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated user to delete another user's messages via a direct object reference to the message identifier...
CVE-2026-15058
Improper authorization in the secure messages deletion endpoint in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated user to delete another user's messages via a direct object reference to the message identifier...
CVE-2026-15637
Improper authorization in the PAM SSH key and certificate retrieval endpoints in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated low-privileged user to disclose the private key of an SSH key or certificate PAM credential via a direct object reference to the credential identifier...
CVE-2026-15637
Improper authorization in the PAM SSH key and certificate retrieval endpoints in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated low-privileged user to disclose the private key of an SSH key or certificate PAM credential via a direct object reference to the credential identifier...
CVE-2026-50299
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack...
CVE-2026-49168
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack...
CVE-2026-50299
The CVE-2026-50299 entry describes an integer overflow/wraparound in Windows Storage Spaces Direct. Affected component: Storage Spaces Direct (Windows). Root cause: integer overflow allowing an unauthorized attacker to execute code. Impact: code execution with a physical attack vector; CVSS vecto...
CVE-2026-50299 Windows Storage Spaces Direct Remote Code Execution Vulnerability
...
CVE-2026-49168 Storage Spaces Direct Elevation of Privilege Vulnerability
...
CVE-2026-9341
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.8.0 via the 'savelessonnote', 'getlessonnote', and 'completelessonvideo' AJAX handlers due to missing validation on...
CVE-2026-62422
In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible...
CVE-2026-62422
CVE-2026-62422 affects JetBrains YouTrack, with authentication bypass via direct database access that enables administrative access. Affects: YouTrack builds listed in the entry (before 2026.1.13757; 2025.3.148033; 2025.2.148048; 2025.1.148120; 2024.3.148430; 2024.2.148429). The entry does not pr...
CVE-2026-62422
In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible...
DedeCMS 5.7 - Path Disclosure
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/incarchivesfunctions.php id: CVE-2018-6910 info: name: DedeCMS 5.7 - Path Disclosure author: pikpikcu severity: high description: DedeCMS 5.7 allows remote attackers to discover t...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
CVE-2026-61971 WordPress User Profile Picture plugin <= 2.6.3 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Cozmoslabs User Profile Picture metronet-profile-picture allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Profile Picture: from n/a through = 2.6.3...