Vulnerabilities of type CWE-285

1293 results
CVE-2022-39356 | HIGH | Discourse user account takeover via email and invite link | EPSS 0.6%
CVE-2025-1607 | MEDIUM | SourceCodester Best Employee Management System salary_slip.php authorization | EPSS 0.6%
CVE-2024-47876 | HIGH | Sakai: Kernel users created with type roleview can login as a normal user | EPSS 0.6%
CVE-2024-48921 | HIGH | Kyverno's PolicyException objects can be created in any namespace by default | EPSS 0.6%
CVE-2023-27594 | MEDIUM | Cilium vulnerable to potential network policy bypass when routing IPv6 traffic | EPSS 0.6%
CVE-2024-52528 | CRITICAL | Auth Token can be passed dummy or wrong the middleware response is 200 OK | EPSS 0.6%
CVE-2024-11073 | MEDIUM | SourceCodester Hospital Management System delete-account.php improper authorization | EPSS 0.6%
CVE-2025-53795 | CRITICAL | Microsoft PC Manager Elevation of Privilege Vulnerability | EPSS 0.6%
CVE-2023-52139 | CRITICAL | Misskey vulnerable to improper authorization when accessing with third-party application | EPSS 0.5%
CVE-2022-29490 | HIGH | A vulnerability exists in the Workplace X WebUI in which an authenticated user is able to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. | EPSS 0.5%
CVE-2023-0914 | MEDIUM | Improper Authorization in pixelfed/pixelfed | EPSS 0.5%
CVE-2023-0583 | MEDIUM | VK Blocks <= 1.57.0.5 - Authenticated(Contributor+) Settings Update | EPSS 0.5%
CVE-2023-5808 | HIGH | System Management Unit (SMU) versions prior to 14.8.7825.01, used to manage Hitachi Vantara NAS products are susceptible to unintended information disclosure via unprivileged access to HNAS configuration backup and diagnostic data. | EPSS 0.5%
CVE-2025-49594 | CRITICAL | XWiki OIDC Authenticator vulnerable to creation of token for any user with just `view` right | EPSS 0.5%
CVE-2025-3537 | MEDIUM | Tutorials-Website Employee Management System update-user.php improper authorization | EPSS 0.5%
CVE-2022-26773 | HIGH | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to | EPSS 0.5%
CVE-2022-32170 | MEDIUM | bytebase - Improper Authorization | EPSS 0.5%
CVE-2022-32169 | MEDIUM | bytebase - Improper Authorization | EPSS 0.5%
CVE-2023-30948 | MEDIUM | Retrieval of Attachments to Comments lacks Authorization | EPSS 0.5%
CVE-2025-0484 | MEDIUM | Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorization | EPSS 0.5%