Vulnerabilities of type CWE-285
1290 results

CVE-2022-39340 | MEDIUM | OpenFGA Information Disclosure | EPSS 0.7%
CVE-2026-47298 | HIGH | Microsoft SharePoint Server Remote Code Execution Vulnerability | EPSS 0.7%
CVE-2024-27916 | HIGH | `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user | EPSS 0.7%
CVE-2024-1043 | MEDIUM | AMP for WP <= 1.0.93.1 - Authenticated(Contributor+) Arbitrary Post Deletion via amppb_remove_saved_layout_data | EPSS 0.7%
CVE-2024-34463 | MEDIUM | BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lack | EPSS 0.7%
CVE-2014-2349 | — | Emerson DeltaV Use of Improper Authorization | EPSS 0.7%
CVE-2020-10686 | MEDIUM | A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in Keycloak version 9.0.1, where a malicious user registers as oneself. | EPSS 0.7%
CVE-2022-0406 | MEDIUM | Improper Authorization in janeczku/calibre-web | EPSS 0.7%
CVE-2023-42453 | LOW | Improper validation of receipts allows forged read receipts in matrix synapse | EPSS 0.7%
CVE-2023-34460 | MEDIUM | Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles | EPSS 0.6%
CVE-2020-10736 | HIGH | An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not proper | EPSS 0.6%
CVE-2024-33749 | CRITICAL | DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php. | EPSS 0.6%
CVE-2022-31167 | HIGH | XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference | EPSS 0.6%
CVE-2018-12467 | MEDIUM | delete package via link exploit in open buildservice | EPSS 0.6%
CVE-2022-4868 | MEDIUM | Improper Authorization in froxlor/froxlor | EPSS 0.6%
CVE-2023-0456 | HIGH | Apicast proxies the api call with incorrect jwt token to the api backend without proper authorization check | EPSS 0.6%
CVE-2023-42491 | HIGH | EisBaer Scada - CWE-285: Improper Authorization | EPSS 0.6%
CVE-2025-2320 | MEDIUM | 274056675 springboot-openai-chatgpt User submit improper authorization | EPSS 0.6%
CVE-2023-47166 | HIGH | A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted networ | EPSS 0.6%
CVE-2023-0609 | MEDIUM | Improper Authorization in wallabag/wallabag | EPSS 0.6%