CVE Vulnerability

CWE-639

CVE-2020-14174

February 26, 2023

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, from version 8.6.0 before 8.9.2, and from version 8.10.0 before 8.10.1.

CVE-2020-13923

February 26, 2023

IDOR vulnerability in the order processing feature of the ecommerce component of Apache OFBiz before 17.12.04.

CVE-2020-13700

February 26, 2023

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.

CVE-2020-13462

February 26, 2023

Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.

CVE-2020-13357

February 26, 2023

An issue was discovered in GitLab CE/EE versions >= 13.1 to = 13.5 to = 13.6 to <13.6.2 that allowed an unauthorized user to access the user list corresponding to a feature flag in a project.

CVE-2020-12643

February 26, 2023

OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.

Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE