EUVD-2023-54140
Malicious code in bioql PyPI...
CVE-2024-1127
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the bookingexportall function in all versions up to, and including, 3.4.1. This makes it possible for authenticated attackers, with...
CVE-2025-32367
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions...
PT-2025-16145 · Unknown · Oz Forensics
Name of the Vulnerable Software and Affected Versions: Oz Forensics face recognition application versions prior to 4.0.8 Description: The issue allows PII retrieval via /statistic/list Insecure Direct Object Reference. Recommendations: For versions prior to 4.0.8, consider disabling access to the...
CVE-2025-32367
CVE-2025-32367 affects the Oz Forensics face recognition application prior to version 4.0.8 (late 2023). The root cause is an Insecure Direct Object Reference flaw in the /statistic/list endpoint, which could allow retrieval of PII. Public references from NVD/Red Hat describe the vulnerability, w...