CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

Cvelist•added 2025/12/17 7:51 p.m.•23 views

CVE-2025-34438 AVideo < 20.1 IDOR Arbitrary Video Rotation

AVideo versions prior to 20.1 contain an insecure direct object reference vulnerability allowing users with upload permissions to modify the rotation metadata of any video. The endpoint verifies upload capability but fails to enforce ownership or management rights for the targeted video...

5.3CVSS0.00238EPSS

Exploits0References4

CVE•added 2025/12/17 7:51 p.m.•8 views

CVE-2025-34438

Summary: CVE-2025-34438 affects AVideo versions prior to 20.1. It is an insecure direct object reference (IDOR) where users with upload permissions can modify the rotation metadata of arbitrary videos because the endpoint verifies upload capability but fails to enforce ownership/administrative ri...

8.1CVSS6.4AI score0.00238EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/12/17 7:51 p.m.•2 views

CVE-2025-34438 AVideo < 20.1 IDOR Arbitrary Video Rotation

5.3CVSS6.4AI score0.00238EPSS

Exploits0References4

EUVD•added 2025/12/17 7:51 p.m.•3 views

EUVD-2025-203956

AVideo versions prior to 20.0 contain an insecure direct object reference vulnerability allowing users with upload permissions to modify the rotation metadata of any video. The endpoint verifies upload capability but fails to enforce ownership or management rights for the targeted video...

5.3CVSS6.3AI score0.00238EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by