Falhas do tipo CWE-863

2.080 resultados

CVE-2020-24401MEDIUMIncorrect permissions following the deletion of a user role or deactivation of a userEPSS 2.3%CVE-2024-27933HIGHDeno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypassEPSS 2.3%CVE-2018-10925HIGHIt was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certainEPSS 2.2%CVE-2021-40456MEDIUMWindows AD FS Security Feature Bypass VulnerabilityEPSS 2.2%CVE-2024-48651HIGHIn ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplementEPSS 2.2%CVE-2017-7470MEDIUMIt was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect auEPSS 2.1%CVE-2017-2673MEDIUMAn authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federEPSS 2.1%CVE-2019-3399—The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see iEPSS 2.1%CVE-2022-31107HIGHGrafana account takeover via OAuth vulnerabilityEPSS 2.0%CVE-2023-23918HIGHA privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimeEPSS 2.0%CVE-2022-27668—Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to executeEPSS 2.0%CVE-2020-11844CRITICALIncorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.EPSS 2.0%CVE-2022-24755HIGHIncorrect Authorization in Bareos DirectorEPSS 2.0%CVE-2021-41189HIGHCommunities and collections administrators can escalate their privilege up to system administratorEPSS 2.0%CVE-2022-41091MEDIUMWindows Mark of the Web Security Feature Bypass VulnerabilityEPSS 2.0%KEV CVE-2022-0633—UpdraftPlus Free < 1.22.3 & Premium < 2.22.3 - Subscriber+ Backup DownloadEPSS 2.0%CVE-2021-39321HIGHSassy Social Share 3.3.23 PHP Object InjectionEPSS 2.0%CVE-2022-36785HIGHD-Link – G integrated Access Device4 Information Disclosure & Authorization Bypass.EPSS 1.9%CVE-2022-22967HIGHAn issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows EPSS 1.9%CVE-2023-27920MEDIUMImproper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and EPSS 1.8%

← anteriorpágina 5 / 104próxima →