CWE-863 vulnerabilities

2110 results
CVE-2026-26067 [MEDIUM] October: Safe Mode Bypass via CSS Preprocessor Compilers (EPSS 0.2%)
CVE-2026-42349 [HIGH] Clerk: Authorization bypass when combining organization, billing, or reverification checks (EPSS 0.2%)
CVE-2024-7062 [HIGH] Local Privilege Escalation in Nimble Commander <= v1.6.0, Build 4087 (EPSS 0.2%)
CVE-2026-53854 [MEDIUM] OpenClaw < 2026.4.25 - Privilege Escalation via ownerAllowFrom Wildcard Inheritance in Internal/Webchat Commands (EPSS 0.2%)
CVE-2025-3228 [MEDIUM] Unauthorized Guest user access to Playbook (EPSS 0.2%)
CVE-2026-1471 [LOW] Caching of authentication context (EPSS 0.2%)
CVE-2026-2208 [MEDIUM] WeKan Rules rules.js RulesBleed authorization (EPSS 0.2%)
CVE-2023-27903 [MEDIUM] Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions (EPSS 0.2%)
CVE-2025-59420 [HIGH] Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass) (EPSS 0.2%)
CVE-2026-33726 [MEDIUM] Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic (EPSS 0.2%)
CVE-2025-15322 [MEDIUM] Tanium addressed an improper access controls vulnerability in Tanium Server. (EPSS 0.2%)
CVE-2024-4811 [LOW] In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifac (EPSS 0.2%)
CVE-2025-26532 [LOW] Teachers can evade trusttext config when restoring glossary entries (EPSS 0.2%)
CVE-2026-22624 [MEDIUM] Due to inadequate access control, authenticated users of certain HIKSEMI NAS products can manipulate other users' file resources without pro (EPSS 0.2%)
CVE-2026-41379 [HIGH] OpenClaw < 2026.3.28 - Privilege Escalation via chat.send to Admin-Class Talk Voice Config (EPSS 0.2%)
CVE-2025-12555 [MEDIUM] Incorrect Authorization in GitLab (EPSS 0.2%)
CVE-2025-13753 [MEDIUM] WP Table Builder <= 2.0.19 - Incorrect Authorization to Authenticated (Subscriber+) Arbitrary Table Creation (EPSS 0.2%)
CVE-2021-3457 An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute ac (EPSS 0.2%)
CVE-2025-59048 [HIGH] OpenBao AWS Plugin Vulnerable to Cross-Account IAM Role Impersonation in AWS Auth Method (EPSS 0.2%)
CVE-2024-44114 [LOW] Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform (EPSS 0.2%)