Falhas do tipo CWE-863
2.092 resultadosCVE-2024-39322MEDIUMaimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required recordsEPSS 0.5%CVE-2025-21540MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected aEPSS 0.5%CVE-2024-23262MEDIUMThis issue was addressed with additional entitlement checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, EPSS 0.5%CVE-2024-45261HIGHAn issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated for a speEPSS 0.5%CVE-2023-47827MEDIUMWordPress Events Addon for Elementor Plugin <= 2.1.3 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2024-20482MEDIUMA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower ManagemeEPSS 0.5%CVE-2025-21565HIGHVulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install). The supported version that is affecteEPSS 0.5%CVE-2026-52808HIGHGogs: Write-level collaborators can mutate admin-only repository settings via APIEPSS 0.5%CVE-2024-51426HIGHAn issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact EPSS 0.5%CVE-2024-20466MEDIUMCisco Identity Services Engine Sensitive Information Disclosure VulnerabilityEPSS 0.5%CVE-2023-35939HIGHGLPI vulnerable to unauthorized access to Dashboard dataEPSS 0.5%CVE-2024-4447CRITICALIn the System → Maintenance tool, the Logged Users tab surfaces sessionId data for all users via the Direct Web Remoting API (UserSessionAjaEPSS 0.5%CVE-2026-30820HIGHFlowise Authorization Bypass via Spoofed x-request-from HeaderEPSS 0.5%CVE-2024-55579HIGHAn issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able tEPSS 0.5%CVE-2024-36536CRITICALInsecure permissions in fabedge v0.8.1 allows attackers to access sensitive data and escalate privileges by obtaining the service account's EPSS 0.5%CVE-2026-56075HIGHPraisonAI - Arbitrary Shell Command Execution via Hardcoded Approval Mode OverrideEPSS 0.5%CVE-2026-3514HIGHAuthentication Bypass in prefecthq/prefectEPSS 0.5%CVE-2026-28229CRITICALArgo Workflows has unauthorized access to Argo Workflows TemplateEPSS 0.5%CVE-2026-1734MEDIUMZhong Bang CRMEB crontab Endpoint CrontabController.php authorizationEPSS 0.5%CVE-2024-38329HIGHIBM Storage Protect for Virtual Environments: Data Protection for VMware security bypassEPSS 0.5%