Filtered by CWE-639 (Authorization Bypass Through User-Controlled Key)
Total: 656 CVEs
CVE Vendors Products Updated CVSS v3.1
CVE-2021-22023 1 Vmware 3 Cloud Foundation, Vrealize Operations Manager, Vrealize Suite Lifecycle Manager 2024-08-03 7.2 High
The vRealize Operations Manager API (8.x prior to 8.5) has an insecure direct object reference vulnerability. A malicious actor with administrative access to the vRealize Operations Manager API may be able to modify other users' information, leading to account takeover.
CVE-2021-21324 1 Glpi-project 1 Glpi 2024-08-03 6.8 Medium
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, license tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference (IDOR) on "Solutions". It lets an authenticated but otherwise unauthorized user enumerate the names of GLPI items (including user logins) through the knowbase search form. To reproduce: authenticate to the GLPI instance, browse the ticket list and open any open ticket, click the Solution form, then search for a solution; this redirects to the endpoint glpi/front/knowbaseitem.php?item_itemtype=Ticket&item_items_id=18&forcetab=Knowbase$1. The item_itemtype=Ticket parameter names the PHP alias of the glpi_tickets table, so replacing it with "Users" points at the glpi_users table instead; likewise item_items_id=18 selects the row id, so changing it as well enumerates the content of every item type that has such an alias. Because these ids are incremental, an attacker can exploit the issue simply by guessing them.
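The knowbase IDOR above, reduced to its essence as an added example in Python (this is not GLPI's code; the tables, rows, Session class and authorization policy are assumptions made for illustration): a lookup that trusts the client-supplied type and id beside one that allow-lists the type and then authorizes the specific object before returning anything about it.

```python
"""Added example of the IDOR pattern described for GLPI's knowbase search
(item_itemtype / item_items_id), written in plain Python. This is not GLPI
code: the tables, rows, Session class and authorization policy below are
constructed for illustration."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed rows standing in for glpi_tickets and glpi_users; the dict key
# plays the role of the PHP itemtype alias the URL parameter selects.
TABLES: Dict[str, Dict[int, dict]] = {
    "Ticket": {18: {"name": "Printer offline", "entity": 1}},
    "Users": {2: {"name": "admin"}, 3: {"name": "alice"}, 4: {"name": "bob"}},
}


@dataclass
class Session:
    login: str
    entity: int  # entity the logged-in user is currently working in


class Forbidden(Exception):
    pass


def lookup_vulnerable(itemtype: str, items_id: int) -> Optional[str]:
    """Resolves whatever type name the client supplied and returns the row's
    name. Mirrors the bug: nothing stops itemtype=Users from reading logins."""
    table = TABLES.get(itemtype)
    if table is None:
        return None
    row = table.get(items_id)
    return row["name"] if row else None


def enumerate_vulnerable(itemtype: str, max_id: int) -> List[Tuple[int, str]]:
    """The guessing attack from the advisory: walk incremental ids."""
    found = []
    for items_id in range(1, max_id + 1):
        name = lookup_vulnerable(itemtype, items_id)
        if name is not None:
            found.append((items_id, name))
    return found


# Only the item types this search form is meant to be linked to (assumed set).
ALLOWED_ITEMTYPES = {"Ticket"}


def can_view(session: Session, itemtype: str, row: dict) -> bool:
    """Per-object check. Assumed policy: a ticket is visible only to users
    working in the ticket's entity; nothing else is viewable here."""
    if itemtype == "Ticket":
        return row["entity"] == session.entity
    return False


def lookup_hardened(session: Session, itemtype: str, items_id: int) -> str:
    """Allow-list the type from the URL, then authorize the specific object
    before revealing anything about it, including whether it exists."""
    if itemtype not in ALLOWED_ITEMTYPES:
        raise Forbidden(f"itemtype {itemtype!r} is not permitted here")
    row = TABLES[itemtype].get(items_id)
    if row is None or not can_view(session, itemtype, row):
        # One response for "missing" and "not yours" so ids cannot be probed.
        raise Forbidden("not found or not permitted")
    return row["name"]


if __name__ == "__main__":
    bob = Session(login="bob", entity=1)
    print("vulnerable, itemtype=Users:", enumerate_vulnerable("Users", 10))
    print("hardened, Ticket 18 as bob:", lookup_hardened(bob, "Ticket", 18))
    for args in (("Users", 3), ("Ticket", 999)):
        try:
            lookup_hardened(bob, *args)
        except Forbidden as err:
            print("hardened, refused", args, "->", err)
```

The two checks are deliberately separate: the allow-list stops a URL parameter from selecting arbitrary tables at all, and the per-object check stops a permitted type from leaking rows the caller should not see. Returning the same error for a missing row and a forbidden one removes the oracle that makes id guessing cheap.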
CVE-2021-21255 1 Glpi-project 1 Glpi 2024-08-03 5.8 Medium
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4.
CVE-2021-20599 1 Mitsubishielectric 16 R08psfcpu, R08psfcpu Firmware, R08sfcpu and 13 more 2024-08-03 9.1 Critical
Cleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to log in to a target CPU module by obtaining credentials other than the password.
CVE-2021-4142 2 Candlepinproject, Redhat 3 Candlepin, Satellite, Satellite Capsule 2024-08-03 5.5 Medium
The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. A few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin.
CVE-2021-3992 1 Kimai2 Project 1 Kimai2 2024-08-03 6.5 Medium
kimai2 is vulnerable to Improper Access Control
CVE-2021-3965 1 Hp 54 Designjet T1530 L2y23a, Designjet T1530 L2y23a Firmware, Designjet T1530 L2y24a and 51 more 2024-08-03 7.5 High
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.
CVE-2021-3964 1 Elgg 1 Elgg 2024-08-03 5.9 Medium
elgg is vulnerable to Authorization Bypass Through User-Controlled Key
CVE-2021-3852 1 Weseek 1 Growi 2024-08-03 7.5 High
growi is vulnerable to Authorization Bypass Through User-Controlled Key
CVE-2021-3813 1 Chatwoot 1 Chatwoot 2024-08-03 6.5 Medium
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.
CVE-2021-3380 1 Height8tech 1 H8 Ssrms 2024-08-03 6.5 Medium
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.
CVE-2022-46179 1 Liuos Project 1 Liuos 2024-08-03 9.2 Critical
LiuOS is a small Python project meant to imitate the functions of a regular operating system. Version 0.1.0 and prior of LiuOS allow an attacker to set the GITHUB_ACTIONS environment variable to anything other than null or true and skip authentication checks. This issue is patched in the latest commit (c658b4f3e57258acf5f6207a90c2f2169698ae22) by requiring the var to be set to true, causing a test script to run instead of being able to login. A potential workaround is to check for the GITHUB_ACTIONS environment variable and set it to "" (no quotes) to null the variable and force credential checks.
CVE-2022-45927 1 Opentext 1 Opentext Extended Ecm 2024-08-03 8.8 High
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code.
CVE-2022-45175 1 Liveboxcloud 1 Vdesk 2024-08-03 6.5 Medium
An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE}/c/{N}/{C}/websocket endpoint. A malicious unauthenticated user can access cached files in the OnlyOffice backend of other users by guessing the file ID of a target file.
CVE-2022-44005 1 Backclick 1 Backclick 2024-08-03 5.3 Medium
An issue was discovered in BACKCLICK Professional 5.9.63. Due to the use of consecutive IDs in verification links, the newsletter sign-up functionality is vulnerable to the enumeration of subscribers' e-mail addresses. Furthermore, it is possible to subscribe and verify other persons' e-mail addresses to newsletters without their consent.
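The guessable-identifier entries above (vDesk's file IDs, BACKCLICK's consecutive verification IDs) share one root cause: an unauthenticated endpoint whose only key is predictable. As an added example, not code from either vendor, the following Python models the BACKCLICK sign-up flow with sequential ids beside a version that uses random, hashed, single-use, expiring tokens; the addresses, the in-memory store and the 24-hour validity window are constructed assumptions.

```python
"""Added example (not BACKCLICK or vDesk code): a newsletter verification
flow keyed by guessable sequential ids, beside one keyed by unguessable,
single-use, expiring tokens. The addresses and in-memory stores are
constructed for illustration."""
import hashlib
import secrets
import time
from typing import Callable, Dict, List, Optional, Tuple


class SequentialVerifier:
    """Vulnerable: the verification link carries the subscriber's row id."""

    def __init__(self) -> None:
        self.pending: Dict[int, str] = {}
        self.next_id = 1

    def subscribe(self, email: str) -> str:
        sid = self.next_id
        self.next_id += 1
        self.pending[sid] = email
        return f"/verify?id={sid}"  # consecutive ids: the next one is obvious

    def verify(self, sid: int) -> Optional[str]:
        # Whoever supplies a valid id confirms (and learns) that address.
        return self.pending.pop(sid, None)


def enumerate_pending(v: SequentialVerifier, upto: int) -> List[str]:
    """The advisory's attack: count upward and confirm every pending signup."""
    confirmed = []
    for sid in range(1, upto + 1):
        email = v.verify(sid)
        if email is not None:
            confirmed.append(email)
    return confirmed


TOKEN_TTL_SECONDS = 24 * 3600  # assumed validity window


class TokenVerifier:
    """Hardened: the link carries a 256-bit random token that only the mailbox
    owner receives; the server stores a hash of it, accepts it once, and only
    while it is fresh."""

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self.pending: Dict[str, Tuple[str, float]] = {}  # sha256 -> (email, issued)
        self.now = now

    @staticmethod
    def _key(token: str) -> str:
        # Store a digest so a leaked table does not yield usable links.
        return hashlib.sha256(token.encode()).hexdigest()

    def subscribe(self, email: str) -> str:
        token = secrets.token_urlsafe(32)
        self.pending[self._key(token)] = (email, self.now())
        return f"/verify?token={token}"

    def verify(self, token: str) -> Optional[str]:
        entry = self.pending.pop(self._key(token), None)  # single use
        if entry is None:
            return None
        email, issued = entry
        if self.now() - issued > TOKEN_TTL_SECONDS:
            return None  # expired: the subscriber must request a new link
        return email


if __name__ == "__main__":
    weak = SequentialVerifier()
    for addr in ("a@example.test", "b@example.test"):  # constructed addresses
        weak.subscribe(addr)
    print("sequential ids, attacker confirms:", enumerate_pending(weak, 5))

    strong = TokenVerifier()
    link = strong.subscribe("c@example.test")
    print("token link:", link)
    print("guessed token accepted:", strong.verify("1"))
    print("real token accepted:", strong.verify(link.split("token=", 1)[1]))
```

Looking the token up by its SHA-256 digest means the dictionary never holds the secret itself, and the digest comparison reveals nothing about near-miss guesses; the pop-before-check ordering guarantees a link cannot be replayed even when it turns out to be expired.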
CVE-2022-43450 1 Xwp 1 Stream 2024-08-03 4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in XWP Stream. This issue affects Stream: from n/a through 3.9.2.
CVE-2022-43326 1 Telosalliance 2 Omnia Mpx Node, Omnia Mpx Node Firmware 2024-08-03 7.5 High
An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.
CVE-2022-41479 1 Devexpress 1 Asp.net Web Forms Controls 2024-08-03 7.5 High
The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application source code. NOTE: the vendor disputes this because the retrieved source code is only the DevExpress client-side application code that is, of course, intentionally readable by web browsers (a site's custom code and data is never accessible via an IDOR approach).
CVE-2022-42175 1 Soluslabs 1 Solusvm 2024-08-03 8.8 High
Insecure Direct Object Reference vulnerability in the SolusVM 1 WHMCS module, version 4.1.2, allows an attacker to change the password and hostname of other customers' servers without authorization.
CVE-2022-42129 1 Liferay 2 Digital Experience Platform, Liferay Portal 2024-08-03 4.3 Medium
An Insecure direct object reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and Liferay DXP 7.3 before update 4, and 7.4 GA allows remote authenticated users to view and access form entries via the `formInstanceRecordId` parameter.