Fallos del tipo CWE-863
2093 resultadosCVE-2025-21506HIGHVulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Technology Foundation). Supported versions thEPSS 0.5%CVE-2024-53553CRITICALAn issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass authentication via crafted web requests.EPSS 0.5%CVE-2023-46992HIGHTOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords wEPSS 0.5%CVE-2026-35490CRITICALchangedetection.io has an Authentication Bypass via Decorator OrderingEPSS 0.5%CVE-2025-26511HIGHCassandra-Lucene-Index allows bypass of Cassandra RBACEPSS 0.5%CVE-2024-11672MEDIUMIncorrect authorization in the add permission component in Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows an autEPSS 0.5%CVE-2026-28808HIGHScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)EPSS 0.5%CVE-2024-6593CRITICALWatchGuard Firebox Single Sign-On Agent Management Interface Authentication BypassEPSS 0.5%CVE-2026-35464HIGHpyLoad has an incomplete fix for CVE-2026-33509: unprotected storage_folder enables arbitrary file write to Flask session store and code executionEPSS 0.5%CVE-2024-42473HIGHOpenFGA Authorization BypassEPSS 0.5%CVE-2023-5106HIGHIncorrect Authorization in GitLabEPSS 0.5%CVE-2021-43553LOWOSIsoft PI VisionEPSS 0.5%CVE-2025-53836CRITICALXWiki Rendering is vulnerable to RCE attacks when processing nested macrosEPSS 0.5%CVE-2024-9098HIGHPrivilege Escalation in lunary-ai/lunaryEPSS 0.5%CVE-2024-44196HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS VenturEPSS 0.5%CVE-2023-25043MEDIUMWordPress Data Tables Generator by Supsystic Plugin <= 1.10.25 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2024-39696HIGHEvmos vulnerable to exploit of smart contract account and vestingEPSS 0.5%CVE-2023-22945MEDIUMIn the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentEPSS 0.5%CVE-2025-62506HIGHMinIO vulnerable to privilege escalation via session policy bypass in service accounts and STSEPSS 0.5%CVE-2026-25040MEDIUMBudibase Vulnerable to Privilege Escalation via API Abuse – Creator Can Invite Users with Admin/Any RoleEPSS 0.5%