CWE-863 flaws

2,092 results
CVE | Severity | Title | EPSS
CVE-2023-23604 | MEDIUM | Creation of duplicate SystemPrincipal from less secure contexts | 0.5%
CVE-2026-25890 | HIGH | File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL | 0.5%
CVE-2023-6837 | HIGH | Incorrect Authorization in Multiple WSO2 Products via Federated Authentication with JIT Provisioning Leading to User Impersonation | 0.5%
CVE-2023-32219 | MEDIUM | Mazda cars unlocking | 0.5%
CVE-2023-31141 | MEDIUM | OpenSearch issue with fine-grained access control during extremely rare race conditions | 0.5%
CVE-2023-2759 | HIGH | TAPHOME Improper Authentication in Core Platform | 0.5%
CVE-2023-25594 | MEDIUM | Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface | 0.5%
CVE-2018-10910 | MEDIUM | A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This si | 0.5%
CVE-2024-36037 | MEDIUM | Insufficient Access Control Vulnerability | 0.5%
CVE-2025-30703 | LOW | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0 | 0.5%
CVE-2023-37881 | MEDIUM | Weak Access Control between Domains in Wing FTP Server <= 7.2.0 | 0.5%
CVE-2024-24774 | LOW | Missing authorization allows users to access arbitrary security levels on Jira through webhooks (Jira Plugin) | 0.5%
CVE-2020-36610 | MEDIUM | annyshow DuxCMS cross-site request forgery | 0.5%
CVE-2024-10975 | HIGH | Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission | 0.5%
CVE-2022-39388 | HIGH | Istio may allow identity impersonation if user has localhost access | 0.5%
CVE-2024-12196 | MEDIUM | Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the pa | 0.5%
CVE-2022-23473 | MEDIUM | Tuleap MediaWiki standalone "readers" can also edit pages | 0.5%
CVE-2024-48176 | CRITICAL | Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code w | 0.5%
CVE-2024-5705 | HIGH | Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization | 0.5%
CVE-2023-50811 | MEDIUM | An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a | 0.5%