CWE-266 vulnerabilities

950 results
CVE-2025-15124 | LOW | JeecgBoot list getParameterMap improper authorization | EPSS 0.3%
CVE-2026-3668 | LOW | Freedom Factory dGEN1 org.ethosmobile.webpwaemul AndroidEthereum access control | EPSS 0.3%
CVE-2025-15125 | LOW | JeecgBoot queryDepartPermission improper authorization | EPSS 0.3%
CVE-2024-23794 | MEDIUM | Agents are able to lock the ticket without the "Owner" permission | EPSS 0.3%
CVE-2026-11532 | MEDIUM | imvks786 student_management_system Student Record add.php access control | EPSS 0.3%
CVE-2025-63384 | MEDIUM | A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instru | EPSS 0.3%
CVE-2025-10422 | MEDIUM | newbee-mall Order Status paySuccess improper authorization | EPSS 0.3%
CVE-2025-27028 | MEDIUM | Read access of deprivileged Radiflow iSAP Smart Collector user | EPSS 0.3%
CVE-2025-66296 | HIGH | Grav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account Takeover | EPSS 0.3%
CVE-2024-23288 | HIGH | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, wat | EPSS 0.3%
CVE-2025-5390 | MEDIUM | JeeWMS File filedeal.do filedeal access control | EPSS 0.3%
CVE-2025-3517 | MEDIUM | Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a prev | EPSS 0.3%
CVE-2026-1898 | MEDIUM | WeKan LDAP User Sync syncUser.js SyncLDAPBleed access control | EPSS 0.3%
CVE-2023-38296 | HIGH | Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local | EPSS 0.3%
CVE-2025-14086 | MEDIUM | youlaitech youlai-mall openid access control | EPSS 0.3%
CVE-2025-13117 | MEDIUM | macrozheng mall-swarm/mall cancelOrder improper authorization | EPSS 0.3%
CVE-2025-13116 | MEDIUM | macrozheng mall-swarm/mall cancelUserOrder improper authorization | EPSS 0.3%
CVE-2026-25334 | HIGH | WordPress Salon Booking System Pro plugin < 10.30.12 - Account Takeover vulnerability | EPSS 0.3%
CVE-2025-10084 | MEDIUM | elunez eladmin SysLogController 1 queryErrorLogDetail improper authorization | EPSS 0.3%
CVE-2026-2077 | MEDIUM | yeqifu warehouse Role Management RoleController.java deleteRole improper authorization | EPSS 0.3%