Fallos del tipo CWE-266

963 resultados
CVE-2026-9376MEDIUMJPress UCenter Article Submission Endpoint doWriteSave improper authorizationEPSS 0.3%CVE-2026-2860MEDIUMfeng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorizationEPSS 0.3%CVE-2026-6634MEDIUMusememos UpdateInstanceSetting App.tsx memos_access_token improper authorizationEPSS 0.3%CVE-2020-10695An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can EPSS 0.3%CVE-2025-14016MEDIUMmacrozheng mall-swarm delete improper authorizationEPSS 0.2%CVE-2025-13576MEDIUMcode-projects Blog Site admin.php improper authorizationEPSS 0.2%CVE-2026-35062HIGHiControl SOAP vulnerabilityEPSS 0.2%CVE-2021-1572HIGHConfD CLI Secure Shell Server Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-52726HIGHWordPress CouponXxL Custom Post Types plugin <= 3.0 - Privilege Escalation VulnerabilityEPSS 0.2%CVE-2023-49647HIGHZoom Desktop Client for Windows - Improper Access ControlEPSS 0.2%CVE-2025-9602MEDIUMXinhu RockOA index.php publicsaveAjax improper authorizationEPSS 0.2%CVE-2026-56251HIGHCapgo - Privilege Escalation via Broken Row Level Security in org_usersEPSS 0.2%CVE-2025-6531MEDIUMSIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access controlEPSS 0.2%CVE-2019-19355HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access EPSS 0.2%CVE-2025-15084LOWyoulaitech youlai-mall Order Payment OrderController.java orderService.payOrder access controlEPSS 0.2%CVE-2019-19351HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the EPSS 0.2%CVE-2024-37293HIGHaws-deployment-framework's potential risk can lead to privilege escalationEPSS 0.2%CVE-2025-56503MEDIUMAn issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to AdminiEPSS 0.2%CVE-2025-14889MEDIUMCampcodes Advanced Voting Management System Password voters_edit.php improper authorizationEPSS 0.2%CVE-2024-25633MEDIUMIn eLabFTW, if administrators can create users, users can tooEPSS 0.2%