Fallos del tipo CWE-266
950 resultadosCVE-2025-10209MEDIUMPapermerge DMS Authorization Token improper authorizationEPSS 0.3%CVE-2026-2079MEDIUMyeqifu warehouse Menu Management MenuController.java deleteMenu improper authorizationEPSS 0.3%CVE-2026-2078MEDIUMyeqifu warehouse Permission Management PermissionController.java deletePermission improper authorizationEPSS 0.3%CVE-2026-2076MEDIUMyeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorizationEPSS 0.3%CVE-2021-20264—An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker wEPSS 0.3%CVE-2026-11519MEDIUMSourceCodester Inventory System Account Creation users_handler.php improper authorizationEPSS 0.3%CVE-2026-9483MEDIUMSourceCodester Student Grades Management System grades.php improper authorizationEPSS 0.3%CVE-2020-1705HIGHA vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modificationEPSS 0.3%CVE-2025-9151MEDIUMLiuYuYang01 ThriveX-Blog web updateJsonValueByName improper authorizationEPSS 0.3%CVE-2026-10215MEDIUMDolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorizationEPSS 0.3%CVE-2026-27668HIGHA vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators aEPSS 0.3%CVE-2025-15085MEDIUMyoulaitech youlai-mall Balance MemberController.java deductBalance improper authorizationEPSS 0.3%CVE-2025-15086MEDIUMyoulaitech youlai-mall MemberController.java getMemberByMobile access controlEPSS 0.3%CVE-2019-19348HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the EPSS 0.3%CVE-2019-19346HIGHAn insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before tEPSS 0.3%CVE-2024-4555HIGHUser impersonation with MFA when configure in specific wayEPSS 0.3%CVE-2026-7292MEDIUMo2oa NodeAgent NodeAgent.java syncFile improper authorizationEPSS 0.3%CVE-2025-31420HIGHWordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2024-58273HIGHNagios Log Server < 2024R1.0.2 LPE from Apache/Backend Shell User to RootEPSS 0.3%CVE-2025-21092HIGHGMOD Apollo Incorrect Privilege AssignmentEPSS 0.3%