Flaws of type CWE-285
1301 results

CVE-2025-7221 (MEDIUM, EPSS 0.2%): GiveWP – Donation Plugin and Fundraising Platform <= 4.5.0 - Missing Authorization to Donation Update
CVE-2024-57954 (MEDIUM, EPSS 0.2%): Permission verification vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service c
CVE-2026-10282 (MEDIUM, EPSS 0.2%): Bottelet DaybydayCRM DocumentsController.php view improper authorization
CVE-2026-21641 (HIGH, EPSS 0.2%): HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass vulnerability in the `tracker-delete.php` script of Re
CVE-2026-34370 (MEDIUM, EPSS 0.2%): Chamilo LMS: IDOR in the Notebook Module allows an attacker to view other users' private notes
CVE-2022-2393 (—, EPSS 0.2%): A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is
CVE-2026-21886 (MEDIUM, EPSS 0.2%): OpenCTI's GraphQL Mutations Allow Deletion of Unrelated Entities
CVE-2026-34315 (MEDIUM, EPSS 0.2%): Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affe
CVE-2025-8147 (MEDIUM, EPSS 0.2%): LWSCache <= 2.8.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation via lwscache_activatePlugin Function
CVE-2025-4654 (LOW, EPSS 0.2%): Soumettre.fr <= 2.1.5 - Improper Authorization to Unauthenticated Soumettre Posts Creation/Modification/Deletion
CVE-2026-45345 (MEDIUM, EPSS 0.2%): Open WebUI: Missing authorization check at the model update function - models from other users can be updated
CVE-2026-12797 (MEDIUM, EPSS 0.2%): BerriAI litellm Completions banned_keywords.py async_pre_call_hook authorization
CVE-2025-65782 (MEDIUM, EPSS 0.2%): An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update
CVE-2026-7631 (MEDIUM, EPSS 0.2%): code-projects Online Hospital Management System Registration improper authorization
CVE-2026-33398 (HIGH, EPSS 0.2%): Authenticated users can read hidden forum posts through `/forum/get_quotes`
CVE-2026-11461 (MEDIUM, EPSS 0.2%): NousResearch hermes-agent resume Endpoint hermes_state.py resolve_session_by_title authorization
CVE-2026-4013 (MEDIUM, EPSS 0.2%): SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization
CVE-2025-65028 (MEDIUM, EPSS 0.2%): Rallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant Votes
CVE-2025-15118 (MEDIUM, EPSS 0.2%): macrozheng mall Member Endpoint update improper authorization
CVE-2026-8743 (MEDIUM, EPSS 0.2%): Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization