Falhas do tipo CWE-285
1.285 resultadosCVE-2021-3616CRITICALA vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter EPSS 0.9%CVE-2023-33189CRITICALIncorrect Authorization with specially crafted requestsEPSS 0.9%CVE-2022-22288HIGHImproper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.EPSS 0.9%CVE-2021-22861—Improper access control in GitHub Enterprise Server leading to unauthorized write access to forkable repositoriesEPSS 0.9%CVE-2020-8119—Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the galleryEPSS 0.9%CVE-2026-32213CRITICALAzure AI Foundry Elevation of Privilege VulnerabilityEPSS 0.9%CVE-2022-23542HIGHOpenFGA Authorization BypassEPSS 0.9%CVE-2022-3748CRITICALImproper authorization that can lead to account impersonationEPSS 0.9%CVE-2022-26857CRITICALDell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user wEPSS 0.9%CVE-2021-0260HIGHJunos OS: SNMP fails to properly perform authorization checks on incoming received SNMP requests.EPSS 0.9%CVE-2020-1998MEDIUMPAN-OS: Improper SAML SSO authorization of shared local usersEPSS 0.9%CVE-2025-24418HIGHAdobe Commerce | Improper Authorization (CWE-285)EPSS 0.9%CVE-2022-31025LOWInvite bypasses user approval in DiscourseEPSS 0.9%CVE-2022-3740MEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 priorEPSS 0.9%CVE-2022-36090HIGHorg.xwiki.platform:xwiki-platform-oldcore Improper Authorization check for inactive usersEPSS 0.9%CVE-2019-3764MEDIUMDell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an impropeEPSS 0.9%CVE-2025-30392CRITICALAzure AI Bot Elevation of Privilege VulnerabilityEPSS 0.9%CVE-2023-29338MEDIUMVisual Studio Code Spoofing VulnerabilityEPSS 0.9%CVE-2021-28500CRITICALAn issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.EPSS 0.9%CVE-2021-42337MEDIUMTVN-202110009EPSS 0.9%