Falhas do tipo CWE-285
1.302 resultadosCVE-2025-22168MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of senEPSS 0.2%CVE-2025-22174MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of senEPSS 0.2%CVE-2025-22177MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of senEPSS 0.2%CVE-2025-22173MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of senEPSS 0.2%CVE-2026-56295MEDIUMCapgo - Policy Enforcement Bypass in Webhook Management Endpoints via Non-Expiring API KeysEPSS 0.2%CVE-2025-22176MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of senEPSS 0.2%CVE-2025-22170MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could if they inEPSS 0.2%CVE-2026-2209MEDIUMWeKan Custom Translation translationBody.js setCreateTranslation improper authorizationEPSS 0.2%CVE-2026-55956MEDIUMApache Tomcat: Security constraints for default servlet ignored methodEPSS 0.2%CVE-2026-6938MEDIUMIBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special queryEPSS 0.2%CVE-2025-2850MEDIUMGL.iNet GL-A1300 Slate Plus Download Interface improper authorizationEPSS 0.2%CVE-2026-40305MEDIUMDNN has Force Friend Request AcceptanceEPSS 0.2%CVE-2026-56310MEDIUMCap-go - Authorization Bypass in Organization Members Endpoint via API Key Scope BypassEPSS 0.2%CVE-2025-32964MEDIUMManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensionsEPSS 0.2%CVE-2026-31869MEDIUMDiscourse: Composer mentions endpoint leaks hidden group membership through PM `allowed_names` checkEPSS 0.2%CVE-2022-34434MEDIUMCloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. AEPSS 0.2%CVE-2025-22171MEDIUMJira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the private checklists of other users.EPSS 0.2%CVE-2026-28881MEDIUMA privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive userEPSS 0.2%CVE-2026-56231HIGHCapgo - Broken Object Level Authorization in Build Job Control via jobId ParameterEPSS 0.2%CVE-2023-21440MEDIUMImproper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.EPSS 0.2%