Total
755 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4213 | 1 Mikevanwinkle | 1 Simplr Registration Form Plus\+ | 2023-11-07 | N/A | 8.8 HIGH |
| The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts. | |||||
| CVE-2023-45396 | 1 Elenos | 2 Etg150, Etg150 Firmware | 2023-11-07 | N/A | 6.5 MEDIUM |
| An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12. | |||||
| CVE-2023-37543 | 1 Cacti | 1 Cacti | 2023-11-07 | N/A | 7.5 HIGH |
| Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723. | |||||
| CVE-2023-2548 | 1 Metagauss | 1 Registrationmagic | 2023-11-07 | N/A | 7.2 HIGH |
| The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers, with administrator-level permissions and above, to change user passwords and potentially take over super-administrator accounts in multisite setup. | |||||
| CVE-2023-28109 | 1 Play-with-docker | 1 Play With Docker | 2023-11-07 | N/A | 6.5 MEDIUM |
| Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-with-docker.com`. The domain would echo in response header, which successfully bypassed the CORS policy and retrieved basic user information. This issue has been fixed in commit ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a. There are no known workarounds. | |||||
| CVE-2023-1750 | 1 Getnexx | 8 Nxal-100, Nxal-100 Firmware, Nxg-100b and 5 more | 2023-11-07 | N/A | 7.1 HIGH |
| The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could retrieve device history, set device settings, and retrieve device information. | |||||
| CVE-2023-1749 | 1 Getnexx | 8 Nxal-100, Nxal-100 Firmware, Nxg-100b and 5 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute. | |||||
| CVE-2023-1462 | 1 Vadi | 1 Digikent | 2023-11-07 | N/A | 8.8 HIGH |
| Authorization Bypass Through User-Controlled Key vulnerability in Vadi Corporate Information Systems DigiKent allows Authentication Bypass, Authentication Abuse. This issue affects DigiKent: before 23.03.20. | |||||
| CVE-2022-3995 | 1 Standalonetech | 1 Terawallet | 2023-11-07 | N/A | 4.3 MEDIUM |
| The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to lock/unlock other users wallets. | |||||
| CVE-2022-3876 | 1 Clickstudios | 1 Passwordstate | 2023-11-07 | N/A | 6.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument PasswordID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216245 was assigned to this vulnerability. | |||||
| CVE-2022-24401 | 1 Midnightblue | 1 Tetra\ | 2023-11-07 | N/A | 8.1 HIGH |
| Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of these counters in a mobile station, provoking keystream re-use. By sending crafted messages to the MS and analyzing MS responses, keystream for arbitrary frames can be recovered. | |||||
| CVE-2022-24400 | 1 Midnightblue | 1 Tetra\ | 2023-11-07 | N/A | 5.9 MEDIUM |
| A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero. | |||||
| CVE-2022-21713 | 3 Fedoraproject, Grafana, Netapp | 3 Fedora, Grafana, E-series Performance Analyzer | 2023-11-07 | 3.5 LOW | 4.3 MEDIUM |
| Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when editors_can_admin flag is enabled, an authenticated attacker can see unintended data by querying for the specific team ID. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. | |||||
| CVE-2022-1996 | 2 Fedoraproject, Go-restful Project | 2 Fedora, Go-restful | 2023-11-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. | |||||
| CVE-2022-0613 | 2 Fedoraproject, Uri.js Project | 2 Fedora, Uri.js | 2023-11-07 | 6.4 MEDIUM | 6.5 MEDIUM |
| Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. | |||||
| CVE-2022-1245 | 1 Redhat | 1 Keycloak | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services. | |||||
| CVE-2021-4142 | 1 Candlepinproject | 1 Candlepin | 2023-11-07 | N/A | 5.5 MEDIUM |
| The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin. | |||||
| CVE-2021-40579 | 1 Online Enrollment Management System Project | 1 Online Enrollment Management System | 2023-11-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote). | |||||
| CVE-2021-24562 | 1 Lifterlms | 1 Lifterlms | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades | |||||
| CVE-2021-21012 | 1 Adobe | 2 Magento Commerce, Magento Open Source | 2023-11-07 | 4.3 MEDIUM | N/A |
| Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the checkout module. Successful exploitation could lead to sensitive information disclosure. | |||||