CWE-863 flaws

2,092 results
CVE-2024-58260 [HIGH] Rancher update on users can deny the service to the admin (EPSS 0.5%)
CVE-2023-3964 [MEDIUM] Incorrect Authorization in GitLab (EPSS 0.5%)
CVE-2023-50811 [MEDIUM] An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a (EPSS 0.5%)
CVE-2026-30945 [HIGH] StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service (EPSS 0.5%)
CVE-2018-25353 [HIGH] Redaxo CMS Mediapool Addon 5.5.1 Arbitrary File Upload (EPSS 0.5%)
CVE-2024-47078 [HIGH] Meshtastic firmware Authentication/Authorization Bypass via MQTT (EPSS 0.5%)
CVE-2025-54265 [MEDIUM] Adobe Commerce | Incorrect Authorization (CWE-863) (EPSS 0.5%)
CVE-2024-27915 [MEDIUM] Sulu grants access to pages regardless of role permissions (EPSS 0.4%)
CVE-2026-54803 [CRITICAL] WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Privilege Escalation vulnerability (EPSS 0.4%)
CVE-2023-51649 [LOW] Nautobot missing object-level permissions enforcement when running Job Buttons (EPSS 0.4%)
CVE-2024-53937 [HIGH] An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The TELNET service is enabled (EPSS 0.4%)
CVE-2024-37775 [HIGH] Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a ticket with a location which bypasses an RBAC (EPSS 0.4%)
CVE-2025-40568 [MEDIUM] A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All v (EPSS 0.4%)
CVE-2026-25660 [CRITICAL] Authentication bypass for certain API calls (EPSS 0.4%)
CVE-2024-8606 [CRITICAL] Fix 2FA bypass via RestAPI (EPSS 0.4%)
CVE-2026-23902 [HIGH] Apache DolphinScheduler: Users are able to use tenants that are not defined on the platform during workflow execution. (EPSS 0.4%)
CVE-2024-48237 [CRITICAL] WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Controller\HomebaseController.class.php. (EPSS 0.4%)
CVE-2024-31990 [MEDIUM] Argo CD' API server does not enforce project sourceNamespaces (EPSS 0.4%)
CVE-2023-3444 [MEDIUM] Incorrect Authorization in GitLab (EPSS 0.4%)
CVE-2026-22806 [CRITICAL] vCluster Platform's Access Keys Allows Access Beyond Scope (EPSS 0.4%)