Vulnerabilities of type CWE-285

1295 results
CVE-2024-36399 | HIGH | Kanboard affected by Project Takeover via IDOR in ProjectPermissionController | EPSS 0.4%
CVE-2023-34219 | MEDIUM | In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration se | EPSS 0.4%
CVE-2019-12671 | MEDIUM | Cisco IOS XE Software Consent Token Bypass Vulnerability | EPSS 0.4%
CVE-2025-3569 | MEDIUM | JamesZBL/code-projects db-hospital-drug ShiroConfig.java improper authorization | EPSS 0.4%
CVE-2024-38370 | MEDIUM | GLPI allows API document download without rights | EPSS 0.4%
CVE-2025-4672 | HIGH | Offsprout Page Builder 2.2.1 - 2.15.2 - Authenticated (Contributor+) Privilege Escalation via permission_callback Function | EPSS 0.4%
CVE-2025-9687 | MEDIUM | Portabilis i-Educar processamentoApi improper authorization | EPSS 0.4%
CVE-2023-52359 | HIGH | Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impact: Successful exploitation of this vuln | EPSS 0.4%
CVE-2025-62610 | HIGH | Hono Improperly Authorizes JWT Audience Validation | EPSS 0.4%
CVE-2026-4990 | MEDIUM | chatwoot Signup Endpoint login improper authorization | EPSS 0.4%
CVE-2025-5522 | MEDIUM | jack0240 魏 bskms 蓝天幼儿园管理系统 User Creation addUser improper authorization | EPSS 0.3%
CVE-2025-5182 | MEDIUM | Summer Pearl Group Vacation Rental Management Platform Listing authorization | EPSS 0.3%
CVE-2025-29922 | CRITICAL | kcp allows unauthorized creation and deletion of objects in arbitrary workspaces through APIExport Virtual Workspace | EPSS 0.3%
CVE-2025-15582 | MEDIUM | detronetdip E-commerce Product Management Update authorization | EPSS 0.3%
CVE-2025-11048 | MEDIUM | Portabilis i-Educar consulta-dispensas improper authorization | EPSS 0.3%
CVE-2026-4617 | MEDIUM | SourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorization | EPSS 0.3%
CVE-2025-7938 | MEDIUM | jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java updateGoods authorization | EPSS 0.3%
CVE-2025-9609 | MEDIUM | Portabilis i-Educar consulta improper authorization | EPSS 0.3%
CVE-2025-11047 | MEDIUM | Portabilis i-Educar aluno improper authorization | EPSS 0.3%
CVE-2025-11050 | MEDIUM | Portabilis i-Educar periodo-lancamento improper authorization | EPSS 0.3%