CWE-863 vulnerabilities

2,092 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2024-20537 | MEDIUM | Cisco Identity Services Engine Authorization Bypass Vulnerability | 0.5% |
| CVE-2024-38329 | HIGH | IBM Storage Protect for Virtual Environments: Data Protection for VMware security bypass | 0.5% |
| CVE-2023-34107 | MEDIUM | GLPI vulnerable to unauthorized access to KnowbaseItem data | 0.5% |
| CVE-2023-34106 | MEDIUM | GLPI vulnerable to unauthorized access to User data | 0.5% |
| CVE-2023-30024 | | The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/wri | 0.5% |
| CVE-2023-5193 | MEDIUM | System Role with manage posts permission can read posts of Direct Messages | 0.5% |
| CVE-2024-27288 | MEDIUM | 1Panel open source panel project has an unauthorized vulnerability. | 0.5% |
| CVE-2023-43609 | MEDIUM | Emerson Rosemount GC370XA, GC700XA, GC1500XA Improper Authorization | 0.5% |
| CVE-2026-54091 | HIGH | File Browser: Incorrect access control in public directory shares via rule path rebasing | 0.5% |
| CVE-2024-50310 | HIGH | A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do | 0.5% |
| CVE-2026-32642 | LOW | Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission | 0.5% |
| CVE-2025-48043 | HIGH | Bypass and runtime policies that can never pass may be incorrectly applied in filter authorization | 0.5% |
| CVE-2023-2515 | MEDIUM | Privilege escalation to system admin via personal access tokens | 0.5% |
| CVE-2024-10275 | HIGH | Improper Role Modification by Admins for Billing Permissions in lunary-ai/lunary | 0.5% |
| CVE-2024-23929 | HIGH | Pioneer DMH-WT7600NEX Telematics Directory Traversal | 0.5% |
| CVE-2024-50647 | HIGH | The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers ca | 0.5% |
| CVE-2024-4006 | MEDIUM | Incorrect Authorization in GitLab | 0.5% |
| CVE-2023-51380 | LOW | Incorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise Server | 0.5% |
| CVE-2023-0091 | LOW | A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw | 0.5% |
| CVE-2021-44465 | MEDIUM | Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe | 0.5% |