Fallos del tipo CWE-862

6730 resultados
CVE-2021-24831Tab - Accordion, FAQ < 1.3.2 - Unauthenticated AJAX CallsEPSS 1.2%CVE-2024-12558MEDIUMWP BASE Booking of Appointments, Services and Events <= 4.9.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via app_export_dbEPSS 1.2%CVE-2024-48073CRITICALsunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updaEPSS 1.2%CVE-2022-24317A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. AffecEPSS 1.2%CVE-2024-4352HIGHTutor LMS Pro <= 2.7.0 - Missing Authorization to SQL InjectionEPSS 1.2%CVE-2021-22513Missing Authorization vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6EPSS 1.2%CVE-2022-0611MEDIUMMissing Authorization in snipe/snipe-itEPSS 1.2%CVE-2018-14628An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivilEPSS 1.2%CVE-2024-12155CRITICALSV100 Companion <= 2.0.02 - Missing Authorization to Unuathenticated Arbitrary Options UpdateEPSS 1.2%CVE-2026-42569CRITICALphpvms: /importer authorization bypass causing full database wipeEPSS 1.2%CVE-2021-24352Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect ExportEPSS 1.2%CVE-2025-64404HIGHApache OpenOffice: Remote documents loaded without prompt via background and bullet imagesEPSS 1.2%CVE-2020-26212HIGHAny GLPI CalDAV calendars is read-only for every authenticated userEPSS 1.2%CVE-2024-38353MEDIUMCodiMD - Missing Image Access Controls and Unauthorized Image AccessEPSS 1.2%CVE-2026-28515CRITICALopenDCIM <= 23.04 Missing Authorization in install.phpEPSS 1.2%CVE-2024-0683HIGHBulgarisation for WooCommerce <= 3.0.14 - Missing AuthorizationEPSS 1.2%CVE-2020-14520The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (alEPSS 1.2%CVE-2020-27220The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & conEPSS 1.1%CVE-2020-36725HIGHTI WooCommerce Wishlist <= 1.21.11 and TI WooCommerce Wishlist Pro <= 1.21.4 - Arbitrary Options UpdateEPSS 1.1%CVE-2024-10673HIGHTop Store <= 1.5.4 - Authenticated (Subscriber+) Arbitrary Plugin Installation/ActivationEPSS 1.1%