Vulnerabilities of type CWE-863

2101 results
CVE-2024-47159 [MEDIUM] In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project [EPSS 0.3%]
CVE-2025-32971 [LOW] XWiki Solr script service doesn't take dropped programming right into account [EPSS 0.3%]
CVE-2026-2619 [MEDIUM] Incorrect Authorization in GitLab [EPSS 0.3%]
CVE-2023-26245 [HIGH] An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, w [EPSS 0.3%]
CVE-2023-26246 [HIGH] An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppUpgrade binary file, w [EPSS 0.3%]
CVE-2026-3009 [HIGH] Org.keycloak/keycloak-services: improper enforcement of disabled identity provider in identitybrokerservice (authentication bypass) [EPSS 0.3%]
CVE-2024-25149 [MEDIUM] Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and o [EPSS 0.3%]
CVE-2023-26244 [HIGH] An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR.S5W_L001.001.211214. The AppDMClient binary file, [EPSS 0.3%]
CVE-2025-21582 [MEDIUM] Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that a [EPSS 0.3%]
CVE-2026-35604 [HIGH] File Browser share links remain accessible after Share/Download permissions are revoked [EPSS 0.3%]
CVE-2025-30093 [HIGH] HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before 24.6.1 allows authenticated attackers to by [EPSS 0.3%]
CVE-2026-28282 [LOW] Discourse vulnerable to group membership addition permission bypass via discourse-policy plugin [EPSS 0.3%]
CVE-2023-5553 [HIGH] During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly k [EPSS 0.3%]
CVE-2025-9376 [MEDIUM] Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection <= 11.58 - Insufficient Authorization to Unauthenticated Blocklist Bypass [EPSS 0.3%]
CVE-2021-3469 Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can imperso [EPSS 0.3%]
CVE-2026-41375 [HIGH] OpenClaw < 2026.3.28 - Authorization Bypass in /phone arm and /phone disarm Endpoints [EPSS 0.3%]
CVE-2026-26012 [MEDIUM] vaultwarden has Full Cipher Enumeration Ignoring Organization Collection Permissions [EPSS 0.3%]
CVE-2025-30751 [HIGH] Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. E [EPSS 0.3%]
CVE-2026-33676 [MEDIUM] Vikunja has Cross-Project Information Disclosure via Task Relations — Missing Authorization Check on Related Task Read [EPSS 0.3%]
CVE-2024-36364 [MEDIUM] In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher [EPSS 0.3%]