4469 matches found
EUVD-2025-13657
Malicious code in bioql PyPI...
EUVD-2024-48952
Malicious code in bioql PyPI...
EUVD-2025-1977
Malicious code in bioql PyPI...
EUVD-2024-2850
Malicious code in bioql PyPI...
EUVD-2024-3590
Malicious code in bioql PyPI...
EUVD-2025-17650
Malicious code in bioql PyPI...
CVE-2025-59687
IMPAQTR Aurora before 1.36 allows Insecure Direct Object Reference attacks against the users list, organization details, bookmarks, and notifications of an arbitrary organization...
Discourse < 3.5.1 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
CVE-2025-58055
Discourse vulnerability CVE-2025-58055 affects version 3.5.0 and earlier, where AI suggestion endpoints for Title, Category, and Tags can disclose information from restricted topics by altering topic_id in API requests. The root cause is improper access control at the AI helper endpoints, enablin...
CVE-2025-59687
IMPAQTR Aurora before 1.36 allows Insecure Direct Object Reference attacks against the users list, organization details, bookmarks, and notifications of an arbitrary organization...
CVE-2025-41091
Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to calendar details using unauthorised internal identifiers...
CVE-2025-41094
Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers...
CVE-2025-41096
Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...
CVE-2025-41095
Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers...
CVE-2025-56392
An Insecure Direct Object Reference IDOR in the /dashboard/notes endpoint of Syaqui Collegetivity v1.0.0 allows attackers to impersonate other users and perform arbitrary operations via a crafted POST request...
Kazaar 安全漏洞
Kazaar is a print marketing fulfillment platform from Kazaar, Inc. A security vulnerability exists in Kazaar version 1.25.12 that stems from allowing modification of the order-id parameter, which could lead to an insecure direct object reference attack...
CVE-2025-59687
The CVE describes an Insecure Direct Object Reference vulnerability in IMPAQTR Aurora pre-1.36. Affected product: IMPAQTR Aurora. Vulnerable component: the data access to users list, organization details, bookmarks, and notifications for an arbitrary organization due to improper access control of...
CVE-2025-59687
IMPAQTR Aurora before 1.36 allows Insecure Direct Object Reference attacks against the users list, organization details, bookmarks, and notifications of an arbitrary organization...
IMPAQTR Aurora 安全漏洞
IMPAQTR Aurora is a data statistics platform from IMPAQTR Belgium. A security vulnerability exists in IMPAQTR Aurora versions prior to 1.36 that stems from an insecure direct object reference that could lead to access to arbitrary organizational information...
PT-2025-40253
Name of the Vulnerable Software and Affected Versions IMPAQTR Aurora versions prior to 1.36 Description The software contains an Insecure Direct Object Reference issue. This allows unauthorized access to the users list, organization details, bookmarks, and notifications of an arbitrary...