Flaws of type CWE-639

1528 results
CVE | Severity | Description | EPSS
CVE-2023-31182 | HIGH | EasyTor Applications – Authorization Bypass | EPSS 0.6%
CVE-2024-53406 | HIGH | Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reu | EPSS 0.6%
CVE-2022-43492 | MEDIUM | WordPress Comments – wpDiscuz plugin 7.4.2 - Auth. Insecure Direct Object References (IDOR) vulnerability | EPSS 0.6%
CVE-2023-42455 | HIGH | Wazuh vulnerable to user privilege escalation | EPSS 0.6%
CVE-2023-49339 | MEDIUM | Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retri | EPSS 0.6%
CVE-2023-45380 | CRITICAL | In the module "Order Duplicator " Clone and Delete Existing Order" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a | EPSS 0.6%
CVE-2024-9097 | LOW | IDOR | EPSS 0.6%
CVE-2024-8290 | HIGH | WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.12 - Insecure Direct Object Reference to Account Takeover/Privilege Escalation | EPSS 0.6%
CVE-2024-31815 | CRITICAL | In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSetting | EPSS 0.6%
CVE-2025-27507 | CRITICAL | IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations | EPSS 0.6%
CVE-2023-35876 | HIGH | WordPress WooCommerce Square Plugin <= 3.8.1 is vulnerable to Insecure Direct Object References (IDOR) | EPSS 0.6%
CVE-2025-45968 | CRITICAL | An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contai | EPSS 0.6%
CVE-2022-1613 | MEDIUM | Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing | EPSS 0.6%
CVE-2022-34138 | HIGH | Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive | EPSS 0.6%
CVE-2024-9862 | CRITICAL | Miniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Arbitrary User Password Change | EPSS 0.6%
CVE-2022-3331 | LOW | An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from 15.2 before 15 | EPSS 0.6%
CVE-2023-45892 | HIGH | An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitiv | EPSS 0.6%
CVE-2023-45893 | HIGH | An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote at | EPSS 0.6%
CVE-2022-4812 | HIGH | Authorization Bypass Through User-Controlled Key in usememos/memos | EPSS 0.6%
CVE-2023-44205 | LOW | Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Window | EPSS 0.6%