OWASP Top 10 list. OWASP's website is kind of a mess in my opinion, but there are numerous external write-ups about the top vulnerability types.

https://www.cloudflare.com/learning/security/threats/owasp-t...

Also this github repo maintained by OWASP seems pretty exhaustive. The cheatsheets directory has a lot of different vulnerability classes.

https://github.com/OWASP/CheatSheetSeries/blob/master/cheats...

This "Insecure Direct Object Reference" was recently combined into the "Broken Access Control" category with a few others.

Thanks!