Falhas do tipo CWE-862
6.793 resultadosCVE-2023-39966HIGH1Panel arbitrary file write vulnerability exists in the backgroundEPSS 0.7%CVE-2023-2415MEDIUMOnline Booking & Scheduling Calendar for WordPress by vcita <= 4.2.10 - Missing Authorization to Account LogoutEPSS 0.7%CVE-2021-34629MEDIUMSendGrid <= 1.11.8 – Authorization BypassEPSS 0.7%CVE-2020-36715HIGHLogin/Signup Popup < 1.5 - Missing AuthorizationEPSS 0.7%CVE-2026-5464HIGHExactMetrics <= 9.1.2 - Authenticated (Editor+) Arbitrary Plugin Installation/Activation via exactmetrics_connect_processEPSS 0.7%CVE-2023-3126MEDIUMB2BKing <= 4.6.00 - Missing Authorization to Authenticated(Subscriber+) Information DisclosureEPSS 0.7%CVE-2022-4501HIGHMega Addons For WPBakery Page Builder <= 4.3.0 - Authenticated (Subscriber+) Settings UpdateEPSS 0.7%CVE-2023-3714HIGHProfileGrid <= 5.5.2 - Missing Authorization to Arbitrary Group Option Modification and Privilege EscalationEPSS 0.7%CVE-2024-3585MEDIUMSend PDF for Contact Form 7 <= 1.0.2.3 - Missing AuthorizationEPSS 0.7%CVE-2023-23895MEDIUMWordPress WP Time Slots Booking Form plugin <= 1.1.82 - Broken Access Control vulnerabilityEPSS 0.7%CVE-2024-45168CRITICALAn issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication EPSS 0.7%CVE-2024-21234HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.7%CVE-2024-54466MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS VEPSS 0.7%CVE-2022-45636HIGHAn issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to unlock model(s) without authorization viEPSS 0.7%CVE-2013-10072HIGHNagios XI < 2012R1.6 Auto-Discovery Missing AuthorizationEPSS 0.7%CVE-2024-3235MEDIUMEssential Grid <= 3.1.1 - Unauthenticated Private Post DisclosureEPSS 0.7%CVE-2023-48375HIGHSmartStar Software CWS Web-Base - Broken Access ControlEPSS 0.7%CVE-2021-42848MEDIUMAn information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user EPSS 0.7%CVE-2023-25035MEDIUMWordPress Quick Contact Form plugin <= 8.0.3.1 - Broken Access Control vulnerabilityEPSS 0.7%CVE-2023-1114CRITICALImproper Input Validation on e-BelediyeEPSS 0.7%