Falhas do tipo CWE-285
1.302 resultadosCVE-2022-30722MEDIUMImplicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of SEPSS 0.2%CVE-2025-71242MEDIUMSPIP < 4.3.6 Authorization Bypass Leading to Content DisclosureEPSS 0.2%CVE-2025-14889MEDIUMCampcodes Advanced Voting Management System Password voters_edit.php improper authorizationEPSS 0.2%CVE-2024-40814HIGHA downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An EPSS 0.2%CVE-2026-33125HIGHFrigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accountsEPSS 0.2%CVE-2026-49278MEDIUMRocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor ImpersonationEPSS 0.2%CVE-2026-27912HIGHWindows Kerberos Elevation of Privilege VulnerabilityEPSS 0.2%CVE-2026-1892LOWWeKan REST API boards.js setBoardOrgs improper authorizationEPSS 0.2%CVE-2025-11080MEDIUMzhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorizationEPSS 0.2%CVE-2026-42875MEDIUMExternal Secrets Operator: Namespace Isolation Bypass in CAProvider ConfigMap Resolution for SecretStoreEPSS 0.2%CVE-2026-7663CRITICALUnauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization BypassEPSS 0.2%CVE-2026-24890HIGHOpenEMR Portal Users Can Forge Provider SignaturesEPSS 0.2%CVE-2025-50073MEDIUMVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affEPSS 0.2%CVE-2026-21724MEDIUMMissing Protected-field Authorization in Provisioning Contact Points APIEPSS 0.2%CVE-2026-34738MEDIUMAVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request ParameterEPSS 0.2%CVE-2017-20238HIGHHirschmann Industrial HiVision Improper Authorization Privilege EscalationEPSS 0.2%CVE-2025-15119LOWJeecgBoot list queryPageList improper authorizationEPSS 0.2%CVE-2025-12304MEDIUMdulaiduwang003 TIME-SEA-PLUS Order Status PayController.java alipayIsSucceed improper authorizationEPSS 0.2%CVE-2026-1894MEDIUMWeKan REST API checklistItems.js Checklist REST Bleed improper authorizationEPSS 0.2%CVE-2025-6525MEDIUM70mai 1S Configuration Config.cgi improper authorizationEPSS 0.2%