Weaknesses of type CWE-639
1,528 resultsCVE-2025-27939MEDIUMGrowatt Cloud portal Authorization Bypass Through User-Controlled KeyEPSS 0.7%CVE-2022-4686HIGHAuthorization Bypass Through User-Controlled Key in usememos/memosEPSS 0.7%CVE-2022-42129MEDIUMAn Insecure direct object reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and LifEPSS 0.7%CVE-2024-34457MEDIUMApache StreamPark IDOR VulnerabilityEPSS 0.7%CVE-2023-2978MEDIUMAbstrium Pydio Cells Change Subscription authorizationEPSS 0.7%CVE-2020-26068MEDIUMCisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation VulnerabilityEPSS 0.7%CVE-2023-2548MEDIUMRegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password ChangeEPSS 0.7%CVE-2022-45175MEDIUMAn issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{IDEPSS 0.7%CVE-2024-8791CRITICALDonation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress <= 1.8.1.14 - Insecure Direct Object Reference to Account Takeover and Privilege EscalationEPSS 0.7%CVE-2023-0882HIGHAuthorization Bypass Through User-Controlled Key on Single ConnectEPSS 0.7%CVE-2022-4798HIGHAuthorization Bypass Through User-Controlled Key in usememos/memosEPSS 0.7%CVE-2023-28109MEDIUMPlay With Docker vulnerable to Authorization Bypass Through User-Controlled KeyEPSS 0.7%CVE-2024-29194HIGHOneUptime Vulnerable to a Privilege Escalation via Local Storage Key ManipulationEPSS 0.7%CVE-2023-28686MEDIUMDino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. EPSS 0.7%CVE-2024-39223CRITICALAn authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback funEPSS 0.7%CVE-2022-4505HIGHAuthorization Bypass Through User-Controlled Key in openemr/openemrEPSS 0.7%CVE-2024-23747HIGHThe Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. EPSS 0.7%CVE-2022-3589HIGHMiele: Vulnerability in cloud service used by appWashEPSS 0.7%CVE-2024-1075LOWMinimal Coming Soon – Coming Soon Page <= 2.37 - Unauthenticated Maintenance Mode BypassEPSS 0.7%CVE-2026-5234MEDIUMLatePoint <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice IDEPSS 0.7%