Weaknesses of type CWE-639

1,582 results
CVE-2023-3286HIGHA BOLA vulnerability in POST /secretaries in EasyAppointments < 1.5.0EPSS 0.3%CVE-2023-3289HIGHA BOLA vulnerability in POST /services in EasyAppointments < 1.5.0EPSS 0.3%CVE-2025-2301MEDIUMIDOR in Akbim Software's Online Exam RegistrationEPSS 0.3%CVE-2025-67909HIGHWordPress Membership For WooCommerce plugin <= 3.0.3 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2024-10689MEDIUMXLTab – Accordions and Tabs for Elementor Page Builder <= 1.4 - Authenticated (Contributor+) Post DisclosureEPSS 0.3%CVE-2021-27700HIGHSOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized customer with partner mode can switch to anEPSS 0.3%CVE-2026-3999HIGHBroken access control vulnerability affecting ID ServerEPSS 0.3%CVE-2024-6534MEDIUMDirectus 10.13.0 - Insecure object reference via PATH presetsEPSS 0.3%CVE-2026-28781HIGHCraft Affected by Entries Authorship Spoofing via Mass AssignmentEPSS 0.3%CVE-2025-24976MEDIUMDistribution's token authentication allows attacker to inject an untrusted signing key in a JWTEPSS 0.3%CVE-2026-25005MEDIUMWordPress Frontend File Manager plugin <= 23.5 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2026-45760HIGHApache Camel K: Camel K Cross-Namespace Build Deputy AttackEPSS 0.3%CVE-2025-7355MEDIUMIDOR in Beefull Energy Technologies' Beefull AppEPSS 0.3%CVE-2025-0058MEDIUMInformation Disclosure vulnerability in SAP Business Workflow and SAP Flexible WorkflowEPSS 0.3%CVE-2025-13615CRITICALStreamTube Core <= 4.78 - Unauthenticated Arbitrary User Password ChangeEPSS 0.3%CVE-2025-3091HIGHMB connect line: Authorization bypass in mbCONNECT24/mymbCONNECT24EPSS 0.3%CVE-2026-22235HIGHOPEXUS eComplaint IDOREPSS 0.3%CVE-2024-55231MEDIUMAn IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to moEPSS 0.3%CVE-2025-65887MEDIUMA division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) EPSS 0.3%CVE-2023-53930HIGHProjectSend r1605 Insecure Direct Object Reference File Download VulnerabilityEPSS 0.3%