CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

OSV•added 2026/01/06 4:15 p.m.•3 views

CVE-2020-36923

Sony BRAVIA Digital Signage 1.7.8 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization controls. Attackers can access hidden system resources like '//content-creation' by manipulating client-side access restrictions...

6.9CVSS5.8AI score0.00159EPSS

Exploits2References9

NVD•added 2026/01/06 4:15 p.m.•2 views

CVE-2020-36923

9.8CVSS0.00159EPSS

Exploits2References9

Vulnrichment•added 2026/01/06 3:52 p.m.•1 views

CVE-2020-36923 Sony BRAVIA Digital Signage 1.7.8 Client-Side Protection Bypass via IDOR

9.8CVSS6.5AI score0.00159EPSS

Exploits2References8

Positive Technologies•added 2026/01/06 12:0 a.m.•1 views

PT-2026-1456

9.8CVSS6.9AI score0.00159EPSS

Exploits2References10

EUVD•added 2025/12/23 12:30 a.m.•2 views

EUVD-2023-60244

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the vulnerability by manipulating user-supplied input to execute privileged functionalities without...

9.8CVSS6.6AI score0.00385EPSS

Exploits2References5

OSV•added 2025/12/22 10:15 p.m.•1 views

CVE-2023-53955

9.3CVSS5.9AI score0.00385EPSS

Exploits2References4

Vulnrichment•added 2025/12/22 9:37 p.m.•1 views

CVE-2023-53955 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Authorization Bypass via Insecure Object References

9.8CVSS6.8AI score0.00385EPSS

Exploits2References4

CVE•added 2025/12/22 9:37 p.m.•9 views

CVE-2023-53955

CVE-2023-53955 affects SOUND4 IMPACT/FIRST/PULSE/Eco v2.x. The vulnerability is an insecure direct object reference (IDOR) that allows an attacker to bypass authorization and access privileged functions by manipulating user-supplied input. Affected components include Impact/Pulse/First (v2.x) and...

9.8CVSS6.8AI score0.00385EPSS

Exploits2References4Affected Software1

Positive Technologies•added 2025/12/22 12:0 a.m.•2 views

PT-2025-52696

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x Description The software contains an insecure direct object reference issue. This allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the issue by...

9.8CVSS6.7AI score0.00385EPSS

Exploits2References9

RedhatCVE•added 2025/05/23 4:58 a.m.•4 views

CVE-2023-6929

EuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorization, access the hidden resources on the...

9.8CVSS7AI score0.00011EPSS

Exploits1

NVD•added 2023/12/19 11:15 p.m.•10 views

CVE-2023-6929

9.8CVSS0.00011EPSS

Exploits1References1

OSV•added 2023/12/19 11:15 p.m.•2 views

CVE-2023-6929

9.8CVSS5.9AI score0.00011EPSS

Exploits1References1

Prion•added 2023/12/19 11:15 p.m.•17 views

Authorization

7.5CVSS7.3AI score0.00011EPSS

Exploits1References1Affected Software1

CVE•added 2023/12/19 11:2 p.m.•39 views

CVE-2023-6929

EuroTel ETL3100, affected versions v01c01 and v01x37, suffer from insecure direct object references (IDOR) that allow bypassing authorization by using user-supplied input to access objects. The root cause is improper access control via direct object access, enabling attackers to reach hidden reso...

9.8CVSS8.8AI score0.00011EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/12/19 12:0 a.m.•2 views

EuroTel ETL3100 Security Vulnerability

The EuroTel ETL3100 is a radio transmitter from EuroTel. A security vulnerability exists in the EuroTel ETL3100 v01c01 version and v01x37 version that originates from a vulnerability that allows an attacker to bypass authorization, access hidden resources on the system, and perform privileged...

9.8CVSS6.7AI score0.00011EPSS

Exploits1References4

CNVD•added 2021/10/08 12:0 a.m.•26 views

ECOA BAS controller unauthorized access vulnerability

ECOA BAS controller is an intelligent lighting control solution. an unauthorized access vulnerability exists in ECOA BAS controller, which can be exploited by remote attackers to bypass authorization to access hidden resources in the system and perform privileged functions...

6.5CVSS4.8AI score0.00233EPSS

Exploits1

NVD•added 2021/09/30 11:15 a.m.•10 views

CVE-2021-41298

ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden...

8.8CVSS0.00233EPSS

Exploits1References1

Prion•added 2021/09/30 11:15 a.m.•17 views

Authorization

6.5CVSS8.7AI score0.00233EPSS

Exploits1References1