| CVE-2025-67796 | high | 8.1 | 8.1 | 23d ago | IKUS Rdiffweb allows an attacker with any valid or stolen access token to act as other users |
| CVE-2023-5289 | unknown | — | — | 3y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. |
| CVE-2023-4138 | unknown | — | — | 3y ago | RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling |
| CVE-2022-4722 | unknown | — | — | 4y ago | Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4721 | unknown | — | — | 4y ago | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4719 | unknown | — | — | 4y ago | Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4720 | unknown | — | — | 4y ago | Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4724 | unknown | — | — | 4y ago | Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4723 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5. |
| CVE-2022-4644 | unknown | — | — | 4y ago | Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. |
| CVE-2022-4646 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. |
| CVE-2022-4314 | unknown | — | — | 4y ago | Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2. |
| CVE-2022-4018 | unknown | — | — | 4y ago | Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. |
| CVE-2022-3362 | unknown | — | — | 4y ago | Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0. |
| CVE-2022-3363 | unknown | — | — | 4y ago | Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7. |
| CVE-2022-3327 | unknown | — | — | 4y ago | Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. |
| CVE-2022-3439 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. |
| CVE-2022-3457 | unknown | — | — | 4y ago | Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5. |
| CVE-2022-3456 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. |
| CVE-2022-3438 | unknown | — | — | 4y ago | Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. |
| CVE-2022-3273 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. |
| CVE-2022-3376 | unknown | — | — | 4y ago | Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. |
| CVE-2022-3389 | unknown | — | — | 4y ago | Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10. |
| CVE-2022-3371 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. |
| CVE-2022-3326 | unknown | — | — | 4y ago | Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. |
| CVE-2022-3364 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. |
| CVE-2022-3292 | unknown | — | — | 4y ago | Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3301 | unknown | — | — | 4y ago | Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3295 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3272 | unknown | — | — | 4y ago | Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3290 | unknown | — | — | 4y ago | Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3298 | unknown | — | — | 4y ago | Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. |
| CVE-2022-3269 | unknown | — | — | 4y ago | Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. |
| CVE-2022-3274 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. |
| CVE-2022-3267 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. |
| CVE-2022-3250 | unknown | — | — | 4y ago | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. |
| CVE-2022-3233 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. |
| CVE-2022-3232 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5. |
| CVE-2022-3221 | unknown | — | — | 4y ago | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. |
| CVE-2022-3174 | unknown | — | — | 4y ago | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. |
| CVE-2022-3175 | unknown | — | — | 4y ago | Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. |
| CVE-2022-3179 | unknown | — | — | 4y ago | Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. |
| CVE-2022-3167 | unknown | — | — | 4y ago | Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1. |