CWE-639
High likelihood
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
1,573 vulnerabilities with CWE-639
CVE-2025-13748
MEDIUM
Fluent Forms <6.1.7 - Insecure Direct Object Reference
CVSS 5.3
CVE-2025-66558
LOW
Nextcloud Twofactor WebAuthn <1.4.2, <2.4.1 - Info Disclosure
CVSS 3.1
CVE-2025-66556
LOW
Nextcloud Talk <20.1.8-21.1.2 - Info Disclosure
CVSS 3.5
CVE-2025-66553
MEDIUM
Nextcloud Tables <0.8.7 & 0.9.4 - Info Disclosure
CVSS 4.3
CVE-2025-66551
MEDIUM
Nextcloud Tables <0.8.6-0.9.3 - Privilege Escalation
CVSS 6.3
CVE-2025-66513
MEDIUM
Nextcloud Tables <0.8.9, <0.9.6, <1.0.1 - Info Disclosure
CVSS 4.3
CVE-2025-66547
MEDIUM
Nextcloud Server <31.0.1 - Info Disclosure
CVSS 4.3
CVE-2025-66546
LOW
Nextcloud Calendar <4.7.19, 5.5.6, 6.0.1 - Info Disclosure
CVSS 3.3
CVE-2025-13932
HIGH
SolisCloud API - IDOR
CVE-2025-12997
LOW
Medtronic CareLink Network <Dec 4, 2025 - Info Disclosure
CVSS 2.2
CVE-2025-61148
MEDIUM
EduplusCampus 3.0.1 - IDOR
CVSS 6.5
CVE-2025-65097
MEDIUM
RomM <4.4.1-4.4.1-beta.2 - Privilege Escalation
CVSS 6.5
CVE-2025-65096
MEDIUM
RomM <4.4.1-4.4.1-beta.2 - Info Disclosure
CVSS 4.3
CVE-2025-13109
MEDIUM
HUSKY - Products Filter Professional <1.3.7.2 - Info Disclosure
CVSS 4.3
CVE-2025-12954
LOW
MotoPress WordPress <2.4.16 - Info Disclosure
CVSS 2.7
CVE-2025-41086
MEDIUM
Gams < 48.7.0 - IDOR
CVSS 6.5
CVE-2025-66306
MEDIUM
Grav <1.8.0-beta.27 - Info Disclosure
CVSS 4.3
CVE-2025-13615
CRITICAL
StreamTube Core <4.78 - Privilege Escalation
CVSS 9.8
CVE-2025-13768
HIGH
Uniong Webitr < 2_1_0_34 - IDOR
CVSS 7.5
CVE-2025-13157
MEDIUM
QODE Wishlist <1.2.7 - Info Disclosure
CVSS 5.3
CVE-2025-65670
MEDIUM
classroomio <0.1.13 - Info Disclosure
CVSS 4.3
CVE-2025-65672
HIGH
classroomio <0.1.13 - Info Disclosure
CVSS 7.5
CVE-2025-65647
MEDIUM
Phpgurukul Online Shopping Portal - IDOR
CVSS 4.3
CVE-2025-64067
MEDIUM
Primakon Project Contract Management - IDOR
CVSS 5.3
CVE-2025-13452
MEDIUM
WooCommerce: OrderConvo <14 - Missing Authorization
CVSS 4.3
Details
Vulnerabilities: 1,573
Exploit Likelihood: High