CWE-863 vulnerabilities
2,080 results

CVE | Severity | Description | EPSS
CVE-2017-18095 | — | The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5.x) and before 4.6.0 allows remote attacker | 1.1%
CVE-2022-45172 | CRITICAL | An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateE | 1.1%
CVE-2020-15126 | MEDIUM | Information disclosure through Viewer query in parse-server | 1.1%
CVE-2021-20283 | — | The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that | 1.1%
CVE-2020-15278 | HIGH | Unauthorized privilege escalation in Mod module | 1.1%
CVE-2023-31726 | HIGH | AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. | 1.1%
CVE-2021-1540 | HIGH | Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities | 1.1%
CVE-2022-1466 | — | Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. | 1.0%
CVE-2020-15120 | MEDIUM | Authorization Bypass in I hate money | 1.0%
CVE-2019-3831 | MEDIUM | A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm | 1.0%
CVE-2025-11580 | MEDIUM | PowerJob list authorization | 1.0%
CVE-2023-29381 | — | An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information v | 1.0%
CVE-2021-24757 | — | Stylish Price List < 6.9.0 - Unauthenticated Arbitrary Image Upload | 1.0%
CVE-2024-38869 | HIGH | Incorrect Authorization | 1.0%
CVE-2022-44039 | CRITICAL | Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). An at | 1.0%
CVE-2021-21552 | MEDIUM | Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier contain an improper authorization vulnerability. A local authenticate | 1.0%
CVE-2021-24872 | — | Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access | 1.0%
CVE-2023-45185 | HIGH | IBM i Access Client Solutions code execution | 1.0%
CVE-2025-24860 | MEDIUM | Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions | 1.0%
CVE-2021-21411 | MEDIUM | Incorrect authorization in OAuth2-Proxy | 1.0%