Fallos del tipo CWE-285

1302 resultados
CVE-2025-3013HIGHInsecure direct object references (IDOR) in NightWolf Penetration PlatformEPSS 0.3%CVE-2025-20264MEDIUMCisco Identity Services Engine Authorization Bypass VulnerabilityEPSS 0.3%CVE-2026-56350MEDIUMn8n - SSO Enforcement Bypass via APIEPSS 0.3%CVE-2026-2105MEDIUMyeqifu warehouse Department Management DeptController.java deleteDept improper authorizationEPSS 0.3%CVE-2026-46668LOWSpiceDB: Caveat structures with nested lists can result in improper cache reuseEPSS 0.3%CVE-2026-4549LOWmickasmt next-saas-stripe-starter Stripe API open-customer-portal.ts openCustomerPortal authorizationEPSS 0.3%CVE-2026-10269MEDIUMdecolua 9router HTTP Header dashboardGuard.js isAuthenticated improper authorizationEPSS 0.3%CVE-2026-4171MEDIUMCodeGenieApp serverless-express API Endpoint TodoList.ts authorizationEPSS 0.3%CVE-2024-47165MEDIUMCORS origin validation accepts the null origin in GradioEPSS 0.3%CVE-2025-8790MEDIUMPortabilis i-Educar API Endpoint pessoa improper authorizationEPSS 0.3%CVE-2024-21987MEDIUMImproper Authorization Vulnerability in SnapCenterEPSS 0.3%CVE-2026-5529MEDIUMDromara lamp-cloud DefUserController pageUser improper authorizationEPSS 0.3%CVE-2026-9484MEDIUMSourceCodester Student Grades Management System classroom.php removeStudentFromClassroom improper authorizationEPSS 0.3%CVE-2026-11521MEDIUMMohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorizationEPSS 0.3%CVE-2026-2676MEDIUMGoogTech sms-ssm API LoginInterceptor.java preHandle improper authorizationEPSS 0.3%CVE-2026-7713MEDIUMcrocodilestick Calibre-Web-Automated Kobo auth-token Route kobo_auth.py generate_auth_token improper authorizationEPSS 0.3%CVE-2026-1597MEDIUMBdtask SalesERP Administrative Endpoint improper authorizationEPSS 0.3%CVE-2026-34056HIGHOpenEMR has a Privilege Escalation that Allows a Low-Level User to View Admin-Only DataEPSS 0.3%CVE-2025-12777MEDIUMYITH WooCommerce Wishlist <= 4.10.0 - Unauthenticated Wishlist Token Disclosure to Wishlist Item DeletionEPSS 0.3%CVE-2026-6571MEDIUMkodcloud KodExplorer systemRole.class.php roleGroupAction authorizationEPSS 0.3%