Fallos del tipo CWE-285
1301 resultadosCVE-2026-6634MEDIUMusememos UpdateInstanceSetting App.tsx memos_access_token improper authorizationEPSS 0.3%CVE-2026-9376MEDIUMJPress UCenter Article Submission Endpoint doWriteSave improper authorizationEPSS 0.3%CVE-2025-54130HIGHCursor Agent is vulnerable prompt injection via Editor Special FilesEPSS 0.3%CVE-2025-65030HIGHRallly Improper Authorization in Comment Deletion Endpoint Allows Unauthorized Comment RemovalEPSS 0.3%CVE-2022-34405HIGHAn improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exEPSS 0.3%CVE-2025-13576MEDIUMcode-projects Blog Site admin.php improper authorizationEPSS 0.2%CVE-2023-0837MEDIUMAn improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allowEPSS 0.2%CVE-2026-28431CRITICALMisskey lacks proper authorization checks and input validationEPSS 0.2%CVE-2025-14016MEDIUMmacrozheng mall-swarm delete improper authorizationEPSS 0.2%CVE-2025-58156LOWCenturion ERP users can view hashed authentication tokens that belong to other usersEPSS 0.2%CVE-2022-34363MEDIUMDell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX applicEPSS 0.2%CVE-2026-43983HIGHPocket ID: OIDC refresh token flow bypasses authorization revocation, account disabling, and group restrictionsEPSS 0.2%CVE-2025-9602MEDIUMXinhu RockOA index.php publicsaveAjax improper authorizationEPSS 0.2%CVE-2026-41522HIGHIris has an Improper Authorization issueEPSS 0.2%CVE-2026-32704MEDIUMSiYuan renderSprig: missing admin check allows any user to read full workspace DBEPSS 0.2%CVE-2022-30722MEDIUMImplicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of SEPSS 0.2%CVE-2022-30730MEDIUMImproper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.EPSS 0.2%CVE-2025-71242MEDIUMSPIP < 4.3.6 Authorization Bypass Leading to Content DisclosureEPSS 0.2%CVE-2024-40814HIGHA downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An EPSS 0.2%CVE-2025-14889MEDIUMCampcodes Advanced Voting Management System Password voters_edit.php improper authorizationEPSS 0.2%