CWE-863 vulnerabilities
2,089 results

- CVE-2023-32261 (MEDIUM, EPSS 0.6%): Dimensions CM Plugin for Jenkins 0.8.17 – 0.9.3
- CVE-2023-0298 (MEDIUM, EPSS 0.6%): Incorrect Authorization in firefly-iii/firefly-iii
- CVE-2026-33579 (CRITICAL, EPSS 0.6%): OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval
- CVE-2024-13258 (CRITICAL, EPSS 0.6%): Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022
- CVE-2023-1603 (MEDIUM, EPSS 0.6%): Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users w
- CVE-2025-21556 (CRITICAL, EPSS 0.6%): Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported vers
- CVE-2024-24761 (HIGH, EPSS 0.6%): Galette public pages accessibility restriction
- CVE-2021-40504 (—, EPSS 0.6%): A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 75
- CVE-2023-23304 (HIGH, EPSS 0.6%): The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the `Toyb
- CVE-2023-51379 (MEDIUM, EPSS 0.6%): Incorrect Authorization for Issue Comments in GitHub Enterprise Server
- CVE-2023-26484 (HIGH, EPSS 0.6%): On a compromised KubeVirt node, the virt-handler service account can be used to modify all node specs
- CVE-2024-42966 (CRITICAL, EPSS 0.6%): Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains t
- CVE-2023-31138 (HIGH, EPSS 0.6%): DHIS2 Core vulnerable to Improper Access Control with PATCH requests
- CVE-2022-0720 (—, EPSS 0.6%): Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure
- CVE-2024-31970 (HIGH, EPSS 0.6%): AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have SSH enabled by default, accessible both ov
- CVE-2022-31589 (—, EPSS 0.6%): Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more
- CVE-2024-44667 (HIGH, EPSS 0.6%): Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15.35_P0 is vulnerable to Incorrect Access Contr
- CVE-2023-32683 (LOW, EPSS 0.6%): URL deny list bypass via oEmbed and image URLs when generating previews in Synapse
- CVE-2025-5071 (HIGH, EPSS 0.6%): AI Engine 2.8.0 - 2.8.3 - Authenticated (Subscriber+) Insufficient Authorization to Privilege Escalation via MCP
- CVE-2026-21289 (HIGH, EPSS 0.6%): Adobe Commerce | Incorrect Authorization (CWE-863)