CWE-863 flaws

2,100 results
CVE-2025-8807 | MEDIUM | xujeff tianti 天梯 save authorization | EPSS 0.3%
CVE-2025-25274 | MEDIUM | Unauthorized Command Execution in Archived Channels | EPSS 0.3%
CVE-2024-7296 | LOW | Incorrect Authorization in GitLab | EPSS 0.3%
CVE-2026-21296 | MEDIUM | Adobe Commerce | Incorrect Authorization (CWE-863) | EPSS 0.3%
CVE-2026-35442 | HIGH | Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries | EPSS 0.3%
CVE-2025-2202 | MEDIUM | Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php | EPSS 0.3%
CVE-2025-29997 | HIGH | Improper Access Control Vulnerability in CAP back office application | EPSS 0.3%
CVE-2026-40166 | HIGH | authentik: Non-admin user can retrieve confidential OAuth client_secret via /api/v3/oauth2/access_tokens/ | EPSS 0.3%
CVE-2025-2201 | MEDIUM | Broken access control vulnerability in the Innovación y Cualificación IcProgreso plugin | EPSS 0.3%
CVE-2026-32967 | MEDIUM | Apache DolphinScheduler: The `/v2` experimental interface lacks permission checks | EPSS 0.3%
CVE-2025-46834 | MEDIUM | Alchemy's Modular Account can use executeUserOp to bypass allowlist prevalidation hook | EPSS 0.3%
CVE-2024-28174 | MEDIUM | In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly | EPSS 0.3%
CVE-2024-48936 | MEDIUM | SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execut | EPSS 0.3%
CVE-2023-5194 | LOW | A system/user manager can demote / deactivate another manager | EPSS 0.3%
CVE-2026-44882 | HIGH | Portainer: Kubernetes middleware continues after token validation failure, bypassing endpoint authorization | EPSS 0.3%
CVE-2026-34023 | HIGH | Broken WebSocket authorization in Wertheim SafeController Software allows cross-branch access to restricted functions | EPSS 0.3%
CVE-2025-48373 | MEDIUM | Schule Has Client-Side Role-Based Access Control (RBAC) Bypass Vulnerability | EPSS 0.3%
CVE-2024-52312 | MEDIUM | data.all authenticated users can perform restricted operations against DataSets and Environments | EPSS 0.3%
CVE-2024-47159 | MEDIUM | In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project | EPSS 0.3%
CVE-2024-13266 | MEDIUM | Responsive and off-canvas menu - Moderately critical - Access bypass - SA-CONTRIB-2024-030 | EPSS 0.3%