Vulnerabilities of type CWE-285

1301 results
CVE-2025-24784 | MEDIUM | kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource | EPSS 0.3%
CVE-2024-39597 | HIGH | [CVE-2024-39597] Improper Authorization Checks on Early Login Composable Storefront B2B sites of SAP Commerce | EPSS 0.3%
CVE-2026-7510 | MEDIUM | OWAP DefectDojo Benchmark/Engagement/Product/Survey authorization | EPSS 0.3%
CVE-2026-11500 | LOW | Weaviate Static API Key client.go validateConfig authorization | EPSS 0.3%
CVE-2024-20414 | MEDIUM | A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to con | EPSS 0.3%
CVE-2025-4521 | HIGH | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function | EPSS 0.3%
CVE-2024-48901 | MEDIUM | Moodle: idor when fetching report schedules | EPSS 0.3%
CVE-2025-11174 | MEDIUM | Document Library Lite <= 1.1.6 - Missing Authorization to Sensitive Information Exposure | EPSS 0.3%
CVE-2024-41962 | MEDIUM | Bostr Improper Authorization | EPSS 0.3%
CVE-2025-27602 | MEDIUM | Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content | EPSS 0.3%
CVE-2024-1803 | MEDIUM | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual | EPSS 0.3%
CVE-2025-15120 | LOW | JeecgBoot getDeptRoleList improper authorization | EPSS 0.3%
CVE-2025-3567 | MEDIUM | veal98 小牛肉 Echo 开源社区系统 Ticket LoginTicketInterceptor.java preHandle improper authorization | EPSS 0.3%
CVE-2025-11244 | LOW | Password Protected <= 2.7.11 - Unauthenticated Authorization Bypass via IP Address Spoofing | EPSS 0.3%
CVE-2025-15213 | MEDIUM | code-projects Student File Management System File Download download.php improper authorization | EPSS 0.3%
CVE-2025-3550 | MEDIUM | wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System detail improper authorization | EPSS 0.3%
CVE-2025-3014 | HIGH | Insecure direct object references (IDOR) in NightWolf Penetration Platform | EPSS 0.3%
CVE-2025-3013 | HIGH | Insecure direct object references (IDOR) in NightWolf Penetration Platform | EPSS 0.3%
CVE-2026-6977 | MEDIUM | vanna-ai vanna Legacy Flask API improper authorization | EPSS 0.3%
CVE-2025-20264 | MEDIUM | Cisco Identity Services Engine Authorization Bypass Vulnerability | EPSS 0.3%