Vulnerabilities of type CWE-285
1285 results

CVE | Severity | Title | EPSS
CVE-2022-39341 | MEDIUM | OpenFGA Authorization Bypass | EPSS 0.9%
CVE-2022-39342 | MEDIUM | OpenFGA Authorization Bypass | EPSS 0.9%
CVE-2019-1859 | HIGH | Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability | EPSS 0.9%
CVE-2023-0813 | HIGH | Network-observability-console-plugin-container: setting loki authtoken configuration to disable or host mode leads to authentication longer being enforced | EPSS 0.9%
CVE-2024-26193 | MEDIUM | Azure Migrate Remote Code Execution Vulnerability | EPSS 0.9%
CVE-2021-23140 | CRITICAL | Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command | EPSS 0.9%
CVE-2020-5250 | HIGH | Possible information disclosure in PrestaShop | EPSS 0.9%
CVE-2020-5251 | HIGH | Information disclosure in parse-server | EPSS 0.8%
CVE-2021-28501 | CRITICAL | An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration. | EPSS 0.8%
CVE-2021-41313 | — | Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurat | EPSS 0.8%
CVE-2024-2317 | LOW | Bdtask Hospital AutoManager Prescription Page improper authorization | EPSS 0.8%
CVE-2025-23042 | HIGH | Gradio Blocked Path ACL Bypass Vulnerability | EPSS 0.8%
CVE-2024-21137 | MEDIUM | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 a | EPSS 0.8%
CVE-2025-49701 | HIGH | Microsoft SharePoint Remote Code Execution Vulnerability | EPSS 0.8%
CVE-2024-43731 | MEDIUM | Adobe Experience Manager | Improper Authorization (CWE-285) | EPSS 0.8%
CVE-2019-15610 | — | Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle. | EPSS 0.8%
CVE-2023-41841 | HIGH | An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin | EPSS 0.8%
CVE-2024-11860 | MEDIUM | SourceCodester Best House Rental Management System POST Request ajax.php improper authorization | EPSS 0.8%
CVE-2022-30746 | HIGH | Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access sensitive information remotely using javascript int | EPSS 0.8%
CVE-2024-7578 | MEDIUM | Alien Technology ALR-F800 cmd.php improper authorization | EPSS 0.8%