9 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-16028

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.3 | EPSS 0.0025
Exploits: 0 | References: 4
OSV
added 2024/03/06 11:16 a.m., 16 views

BIT-GITLAB-2022-1352

Due to an insecure direct object reference vulnerability in GitLab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that...

CVSS 5.3 | AI score 5.4 | EPSS 0.00209
Exploits: 0 | References: 4
CVE
added 2022/08/05 3:9 p.m., 105 views

CVE-2022-2499

GitLab EE Jira integration contains an insecure direct object reference vulnerability that may allow an attacker to leak Jira issues. Affected GitLab EE versions: 13.10–15.0.4, 15.1–15.1.3, and 15.2–15.2.0. Root cause is an insecure direct object reference in the Jira integration. Remediation by ...

CVSS 4.3 | AI score 4.4 | EPSS 0.00169
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2022/07/09 12:0 a.m., 16 views

GHSA-4V4P-87M3-5423 Known v1.3.1 contains Insecure Direct Object Reference

Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR). The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in Packagist, and development related to the 1.3.x branch is currently on the dev...

CVSS 4.3 | AI score 4.6 | EPSS 0.00189
Exploits: 1 | References: 4
Prion
added 2022/02/02 6:15 p.m., 13 views

Design/Logic Flaw

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer...

CVSS 6.4 | AI score 9.1 | EPSS 0.00796
Exploits: 1 | References: 7 | Affected Software: 1
Cvelist
added 2021/07/21 4:0 p.m., 14 views

CVE-2021-32744 Unauthenticated attacker could gain access to currently open files

Collabora Online is a collaborative online office suite. In versions prior to 4.2.17-1 and version 6.4.9-5, unauthenticated attackers are able to gain access to files which are currently opened by other users in the Collabora Online editor. For successful exploitation the attacker is required to...

CVSS 9.8 | AI score 9.9 | EPSS 0.00748
Exploits: 0 | References: 1
Prion
added 2020/12/14 8:15 p.m., 11 views

Design/Logic Flaw

Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00ABBX.3 and earlier allows attackers to gain privileges and access certain admin pages...

CVSS 5 | AI score 7.7 | EPSS 0.00276
Exploits: 0 | References: 1 | Affected Software: 1
Hacker One
added 2018/07/30 5:57 p.m., 16 views

U.S. Dept Of Defense: ████ █████ exposes highly sensitive information to public

Summary: www.██████ is a system used by ██████ for vendors to upload details of their technology for review by ███. Due to an insecure direct object reference vulnerability, all vendor uploads are accessible to the public, without authentication. This includes Unclass//FOUO documents, documents...

AI score 6.7
Exploits: 0
Prion
added 2010/09/14 5:0 p.m., 9 views

Directory traversal

Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecur...

CVSS 4 | AI score 6.5 | EPSS 0.00134
Exploits: 2 | References: 2 | Affected Software: 1