CWE-639 vulnerabilities
1,528 results

CVE-2024-55506 | HIGH | An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code | EPSS 0.7%
CVE-2023-1462 | HIGH | IDOR in Digikent | EPSS 0.7%
CVE-2023-2883 | HIGH | IDOR in CBOT's Chatbot | EPSS 0.7%
CVE-2023-2702 | HIGH | IDOR in Finex Media's Competition Management System | EPSS 0.7%
CVE-2024-22206 | CRITICAL | @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR) | EPSS 0.7%
CVE-2024-48217 | HIGH | An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation. | EPSS 0.7%
CVE-2023-2844 | HIGH | Authorization Bypass Through User-Controlled Key in cloudexplorer-dev/cloudexplorer-lite | EPSS 0.7%
CVE-2021-36329 | MEDIUM | Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potenti | EPSS 0.7%
CVE-2024-10121 | MEDIUM | wfh45678 Radar Interface authorization | EPSS 0.7%
CVE-2024-11300 | HIGH | Improper Access Control in lunary-ai/lunary | EPSS 0.7%
CVE-2023-30550 | MEDIUM | IDOR vulnerability exists in metersphere | EPSS 0.7%
CVE-2024-33383 | HIGH | Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to obtain sensitive information via a crafted GET | EPSS 0.7%
CVE-2024-2574 | HIGH | SourceCodester Employee Task Management System edit-task.php authorization | EPSS 0.7%
CVE-2023-0967 | MEDIUM | Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view sensitive data of other application users and dat | EPSS 0.7%
CVE-2024-2577 | HIGH | SourceCodester Employee Task Management System update-employee.php authorization | EPSS 0.7%
CVE-2024-2575 | HIGH | SourceCodester Employee Task Management System task-details.php authorization | EPSS 0.7%
CVE-2024-2576 | HIGH | SourceCodester Employee Task Management System update-admin.php authorization | EPSS 0.7%
CVE-2022-33077 | HIGH | An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint. | EPSS 0.7%
CVE-2022-43326 | HIGH | An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allow | EPSS 0.7%
CVE-2024-23112 | HIGH | An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0 | EPSS 0.7%