CWE-862 vulnerabilities

6679 results
CVE-2022-0543 [CRITICAL] It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape | EPSS 99.7% | KEV
CVE-2023-52163 [HIGH] Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are n | EPSS 96.3% | KEV
CVE-2022-1329 [HIGH] Elementor Website Builder 3.6.0 - 3.6.2 - Missing Authorization to Remote Code Execution | EPSS 92.9%
CVE-2023-6875 [CRITICAL] POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Authorization Bypass via type connect-app API | EPSS 90.3%
CVE-2021-21307 [HIGH] Remote Code Exploit in Lucee Admin | EPSS 89.2%
CVE-2025-20362 [MEDIUM] Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FT | EPSS 85.5% | KEV
CVE-2023-26035 [HIGH] ZoneMinder vulnerable to Missing Authorization | EPSS 80.5%
CVE-2022-23944 Apache ShenYu 2.4.1 Improper access control | EPSS 79.0%
CVE-2024-41730 [CRITICAL] Missing Authentication check in SAP BusinessObjects Business Intelligence Platform | EPSS 75.6%
CVE-2024-31997 [CRITICAL] XWiki Platform remote code execution from account through UIExtension parameters | EPSS 73.9%
CVE-2021-45467 [CRITICAL] In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.ph | EPSS 70.9%
CVE-2025-8943 [CRITICAL] Unsupervised OS command execution leads to remote code execution by unauthenticated network attackers | EPSS 70.9%
CVE-2022-0218 [HIGH] WP HTML Mail <= 3.0.9 Missing Authorization on REST-API Route | EPSS 70.5%
CVE-2025-6205 [CRITICAL] Missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 | EPSS 69.2% | KEV
CVE-2021-30657 [MEDIUM] A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A | EPSS 68.5% | KEV
CVE-2025-11833 [CRITICAL] Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure | EPSS 51.0%
CVE-2024-1380 [MEDIUM] Relevanssi – A Better Search <= 4.22.0 (Free) and <= 2.25.0 (Premium) - Missing Authorization to Unauthenticated Query Log Export | EPSS 50.2%
CVE-2023-25573 [HIGH] Improper access control to download file in metersphere | EPSS 49.9%
CVE-2021-21246 [HIGH] Pre-Auth Access token leak | EPSS 49.3%
CVE-2020-36239 [CRITICAL] Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 b | EPSS 48.9%