CWE-863 vulnerabilities
2,098 results

CVE-2024-47160 | MEDIUM | In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible | EPSS 0.4%
CVE-2025-21554 | MEDIUM | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). | EPSS 0.4%
CVE-2026-34376 | HIGH | PdfDing: Password-protected share bypass via direct serve endpoint | EPSS 0.4%
CVE-2025-20332 | MEDIUM | Cisco Identity Services Engine Authorization Bypass Vulnerability | EPSS 0.4%
CVE-2023-49273 | MEDIUM | Umbraco CMS vulnerable to Privilege Escalation using Spoofing | EPSS 0.4%
CVE-2024-34346 | HIGH | Deno contains a permission escalation via open of privileged files with missing `--deny` flag | EPSS 0.4%
CVE-2026-3136 | HIGH | Google Cloud Build Comment Control Bypass | EPSS 0.4%
CVE-2025-68129 | MEDIUM | Auth0-PHP SDK has Improper Audience Validation | EPSS 0.4%
CVE-2019-3827 | HIGH | An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by | EPSS 0.4%
CVE-2026-32059 | HIGH | OpenClaw 2026.2.22-2 < 2026.2.23 - Allowlist Bypass via sort Long-Option Abbreviation in tools.exec.safeBins | EPSS 0.4%
CVE-2025-8434 | MEDIUM | code-projects Online Movie Streaming admin.php authorization | EPSS 0.4%
CVE-2026-42032 | MEDIUM | CKAN: Unauthenticated Authorization Bypass in `datastore_search_sql` | EPSS 0.4%
CVE-2022-3048 | MEDIUM | Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass | EPSS 0.4%
CVE-2023-5159 | LOW | A User Manager role with user edit permissions could manage/update bots | EPSS 0.4%
CVE-2024-7004 | MEDIUM | Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced | EPSS 0.4%
CVE-2026-29194 | HIGH | Netmaker: Insufficient Authorization in Host Token Verification | EPSS 0.4%
CVE-2026-42889 | CRITICAL | Relay Server WebSocket authentication bypass when token is omitted | EPSS 0.4%
CVE-2025-9973 | MEDIUM | Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover | EPSS 0.4%
CVE-2025-14866 | HIGH | Melapress Role Editor <= 1.1.1 - Improper Authorization to Authenticated (Subscriber+) Privilege Escalation via Secondary Role Assignment | EPSS 0.4%
CVE-2022-30356 | HIGH | OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid a | EPSS 0.4%