Vulnerabilities of type CWE-285
1292 results

CVE-2025-3536 | MEDIUM | Tutorials-Website Employee Management System delete-user.php improper authorization | EPSS 0.6%
CVE-2022-26310 | HIGH | Improper Authorization in User Management to Vertical Privilege Escalation | EPSS 0.6%
CVE-2024-38371 | HIGH | Insufficient access control for OAuth2 Device Code flow in authentik | EPSS 0.6%
CVE-2025-63218 | CRITICAL | The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing au | EPSS 0.6%
CVE-2024-20381 | HIGH | Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability | EPSS 0.6%
CVE-2025-59100 | MEDIUM | Unauthenticated Access to the SQLite Database in dormakaba access manager | EPSS 0.6%
CVE-2022-36453 | HIGH | A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their p | EPSS 0.6%
CVE-2024-13694 | HIGH | WooCommerce Wishlist <= 1.8.7 - Unauthenticated Wishlist Disclosure via download_pdf_file Function | EPSS 0.6%
CVE-2022-27583 | CRITICAL | A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected | EPSS 0.6%
CVE-2025-0928 | HIGH | Arbitrary executable upload via authenticated endpoint | EPSS 0.6%
CVE-2024-25063 | HIGH | Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URL | EPSS 0.6%
CVE-2023-53895 | CRITICAL | PimpMyLog 1.7.14 Improper Access Control via Account Creation Endpoint | EPSS 0.6%
CVE-2023-3037 | HIGH | HelpDezk Community improper authorization | EPSS 0.6%
CVE-2023-1167 | MEDIUM | Improper authorization in Gitlab EE affecting all versions from 12.3.0 before 15.8.5, all versions starting from 15.9 before 15.9.4, all ver | EPSS 0.6%
CVE-2022-40208 | MEDIUM | In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz at | EPSS 0.6%
CVE-2024-7799 | MEDIUM | SourceCodester Simple Online Bidding System users.php improper authorization | EPSS 0.6%
CVE-2024-52287 | MEDIUM | authentik performs insufficient validation of OAuth scopes | EPSS 0.6%
CVE-2024-42490 | HIGH | authentik has Insufficient Authorization for several API endpoints | EPSS 0.6%
CVE-2023-2950 | MEDIUM | Improper Authorization in openemr/openemr | EPSS 0.6%
CVE-2024-13109 | MEDIUM | Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization | EPSS 0.6%