Weaknesses of type CWE-863

2,098 results
CVE-2026-32758MEDIUMFile Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination ParameterEPSS 0.4%CVE-2024-3379CRITICALIncorrect Authorization in lunary-ai/lunaryEPSS 0.4%CVE-2023-4658LOWIncorrect Authorization in GitLabEPSS 0.4%CVE-2026-24740HIGHDozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell AccessEPSS 0.4%CVE-2024-11176MEDIUMIncorrect evaluation of effective permissions in M-Files AinoEPSS 0.4%CVE-2024-31842HIGHAn issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET requests.EPSS 0.4%CVE-2023-25749MEDIUMAndroid applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. FEPSS 0.4%CVE-2023-20871HIGHVMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system canEPSS 0.4%CVE-2023-39965MEDIUM1Panel Unauthorized access in BackendEPSS 0.4%CVE-2025-7773HIGHRockwell Automation ArmorBlock 5000 I/O – Web Server VulnerabilitiesEPSS 0.4%CVE-2021-25097LabTools <= 1.0 - Subscriber+ Arbitrary Publication DeletionEPSS 0.4%CVE-2023-1158MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization EPSS 0.4%CVE-2023-3920MEDIUMIncorrect Authorization in GitLabEPSS 0.4%CVE-2025-9957LOWIncorrect Authorization in GitLabEPSS 0.4%CVE-2026-26205HIGHopa-envoy-plugin has an Authorization Bypass via Double-Slash Path Misinterpretation in `input.parsed_path`EPSS 0.4%CVE-2026-29182HIGHParse Server: Cloud Hooks and Cloud Jobs bypass `readOnlyMasterKey` write restrictionEPSS 0.4%CVE-2023-6564MEDIUMIncorrect Authorization in GitLabEPSS 0.4%CVE-2024-3331MEDIUMSpotfire: NTLM token leakageEPSS 0.4%CVE-2026-41050CRITICALHelm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template renderingEPSS 0.4%CVE-2025-43921MEDIUMGNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE:EPSS 0.4%