Falhas do tipo CWE-863
2.092 resultadosCVE-2024-1741CRITICALImproper Authorization in lunary-ai/lunaryEPSS 0.6%CVE-2023-29296MEDIUM[Cloud] Customer suspects IDOR vulnerabilityEPSS 0.6%CVE-2023-29295MEDIUMInsecure Direct Object Reference (IDOR) in Create Quote FunctionEPSS 0.6%CVE-2023-29288MEDIUMAdobe Commerce | Incorrect Authorization (CWE-863)EPSS 0.6%CVE-2025-21403MEDIUMOn-Premises Data Gateway Information Disclosure VulnerabilityEPSS 0.6%CVE-2023-5521HIGHIncorrect Authorization in tiann/kernelsuEPSS 0.6%CVE-2021-33718—A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (AllEPSS 0.6%CVE-2023-37579HIGHApache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source CredentialsEPSS 0.6%CVE-2026-3660CRITICALIBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Authentication BypassEPSS 0.6%CVE-2023-30428HIGHApache Pulsar Broker: Incorrect Authorization Validation for Rest ProducerEPSS 0.6%CVE-2024-30616HIGHChamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles inforEPSS 0.6%CVE-2025-1214MEDIUMpihome-shc PiHome Role-Based Access Control user_accounts.php authorizationEPSS 0.6%CVE-2017-16858—The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 alEPSS 0.6%CVE-2024-1452MEDIUMGenerateBlocks <= 1.8.2 - Sensitive Information ExposureEPSS 0.6%CVE-2020-5418LOWCloud Controller allows users with no roles to list dropletsEPSS 0.6%CVE-2023-28249MEDIUMWindows Boot Manager Security Feature Bypass VulnerabilityEPSS 0.6%CVE-2023-40168HIGHMalicious projects can read and upload arbitrary files from disk in TurboWarp DesktopEPSS 0.6%CVE-2025-49556HIGHAdobe Commerce | Incorrect Authorization (CWE-863)EPSS 0.6%CVE-2026-23837CRITICALMyTube has an Authorization Bypass vulnerabilityEPSS 0.6%CVE-2023-0133MEDIUMInappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypassEPSS 0.6%