Falhas do tipo CWE-862
6.730 resultadosCVE-2022-23945—Apache ShenYu missing authentication allows gateway registrationEPSS 3.8%CVE-2022-2841LOWCrowdStrike Falcon Uninstallation authorizationEPSS 3.7%CVE-2025-10184HIGHOnePlus OxygenOS Telephony provider permission bypassEPSS 3.7%CVE-2022-1054—RSVP and Event Management < 2.7.8 - Unauthenticated Entries ExportEPSS 3.6%CVE-2023-22478HIGHKubePi is vulnerable to missing authorizationEPSS 3.6%CVE-2017-7548—PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privEPSS 3.5%CVE-2022-2461MEDIUMTransposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings ChangeEPSS 3.5%CVE-2019-10184MEDIUMundertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted throEPSS 3.5%CVE-2024-45591MEDIUMXWiki Platform document history including authors of any page exposed to unauthorized actorsEPSS 3.4%CVE-2019-13547—Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows anyone who can access the IP address to use tEPSS 3.3%CVE-2026-1830CRITICALQuick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File UploadEPSS 3.1%CVE-2021-24356—Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin ActivationEPSS 3.0%CVE-2025-1562CRITICALRecover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin InstallationEPSS 2.9%CVE-2022-48166HIGHAn access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log fEPSS 2.8%CVE-2022-2379—Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST APIEPSS 2.8%CVE-2021-24997—WP Guppy < 1.3 - Sensitive Information DisclosureEPSS 2.8%CVE-2021-27858MEDIUMMissing authorization vulnerability in FatPipe softwareEPSS 2.7%CVE-2024-7135MEDIUMTainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File ReadEPSS 2.7%CVE-2025-45854CRITICAL/server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.EPSS 2.7%CVE-2009-3168HIGHMevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allEPSS 2.6%