CWE-863 flaws
2,089 results

CVE-2024-35187 (CRITICAL, EPSS 0.7%): Stalwart Mail Server has privilege escalation by design
CVE-2024-21010 (CRITICAL, EPSS 0.7%): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server).
CVE-2021-1143 (MEDIUM, EPSS 0.7%): Cisco Connected Mobile Experiences User Enumeration Vulnerability
CVE-2022-46308 (HIGH, EPSS 0.7%): SGUDA U-Lock - Broken Access Control
CVE-2022-46307 (HIGH, EPSS 0.7%): SGUDA U-Lock - Broken Access Control
CVE-2024-36265 (CRITICAL, EPSS 0.7%): Apache Submarine Server Core: authorization bypass
CVE-2023-30429 (CRITICAL, EPSS 0.7%): Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy
CVE-2022-0334 (—, EPSS 0.7%): A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capabili
CVE-2024-8001 (MEDIUM, EPSS 0.7%): VIWIS LMS Print authorization
CVE-2021-24282 (—, EPSS 0.7%): Redirection for Contact Form 7 < 2.3.4 - Unprotected AJAX Actions
CVE-2024-24779 (MEDIUM, EPSS 0.7%): Apache Superset: Improper data authorization when creating a new dataset
CVE-2023-27523 (MEDIUM, EPSS 0.7%): Apache Superset: Improper data permission validation on Jinja templated queries
CVE-2023-24051 (HIGH, EPSS 0.7%): A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute fo
CVE-2023-24052 (HIGH, EPSS 0.7%): An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functiona
CVE-2025-24407 (HIGH, EPSS 0.7%): Adobe Commerce | Incorrect Authorization (CWE-863)
CVE-2022-45891 (CRITICAL, EPSS 0.7%): Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access
CVE-2021-24905 (—, EPSS 0.7%): Advanced Contact form 7 DB < 1.8.7 - Subscriber+ Arbitrary File Deletion
CVE-2021-3956 (MEDIUM, EPSS 0.7%): A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller (XCC) firmware
CVE-2023-3459 (HIGH, EPSS 0.7%): Export and Import Users and Customers <= 2.4.1 - Missing Authorization to Authenticated (Shop Manager) Arbitrary User Password Change
CVE-2020-23362 (HIGH, EPSS 0.7%): Insecure Permissions vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id pa