8.8

CVSS3.1

CVE-2025-36120 - IBM Storage Virtualize privilege escalation

IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.

📅 Published: Aug. 18, 2025, 1:39 p.m. 🔄 Last Modified: Aug. 18, 2025, 1:39 p.m.

7.7

CVSS3.0

CVE-2025-4962 - IDOR Vulnerability in Template Creation via `projectId` Manipulation in lunary-ai/lunary

An Insecure Direct Object Reference (IDOR) vulnerability was identified in the `POST /v1/templates` endpoint of the Lunary API, affecting versions up to 0.8.8. This vulnerability allows authenticated users to create templates in another user's project by altering the `projectId` query parameter. Th…

📅 Published: Aug. 18, 2025, 1:27 p.m. 🔄 Last Modified: Aug. 18, 2025, 1:27 p.m.

4.8

CVSS4.0

CVE-2025-43732 -

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference (IDOR) in the gr…

📅 Published: Aug. 18, 2025, 1:20 p.m. 🔄 Last Modified: Aug. 18, 2025, 1:20 p.m.

0.0