Fallos del tipo CWE-285

1301 resultados
CVE-2026-8743MEDIUMOpen5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorizationEPSS 0.2%CVE-2021-25433Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications tEPSS 0.2%CVE-2026-10154MEDIUMDolibarr ERP CRM messaging.php authorizationEPSS 0.2%CVE-2026-10294MEDIUMPackageKit API pk-transaction.c g_file_test improper authorizationEPSS 0.2%CVE-2025-68481MEDIUMFastAPI Users Vulnerable to 1-click Account Takeover in Apps Using FastAPI SSOEPSS 0.2%CVE-2025-65031MEDIUMRallly Improper Authorization in Comment Endpoint Allows User ImpersonationEPSS 0.2%CVE-2020-1690An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a containerEPSS 0.2%CVE-2026-13511LOWVoltAgent Memory REST API memory.handlers.ts handleGetMemoryConversation improper authorizationEPSS 0.2%CVE-2026-13512MEDIUMDatabend Tenant client_session_manager.rs state_key authorizationEPSS 0.2%CVE-2024-24900MEDIUMDell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low priEPSS 0.2%CVE-2025-10902MEDIUMOriginality.ai AI Checker <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Scan Log Deletion via ' ai_scan_result_remove'EPSS 0.2%CVE-2025-12435MEDIUMIncorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2025-12005MEDIUMWP VR – 360 Panorama and Free Virtual Tour Builder For WordPress <= 8.5.41 - Improper Authorization to Authenticated (Contributor+) Plugin Settings UpdateEPSS 0.2%CVE-2025-62520MEDIUMMantisBT unauthorized disclosure of private project column configurationEPSS 0.2%CVE-2026-47713LOWAnythingLLM: Legacy mobile device tokens bypass multi-user workspace scoping after mode migrationEPSS 0.2%CVE-2026-7709MEDIUMjaneczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorizationEPSS 0.2%CVE-2025-54787LOWSuiteCRM: Improper Authorization for attachment downloadsEPSS 0.2%CVE-2025-8794MEDIUMLitmusChaos Litmus LocalStorage authorizationEPSS 0.2%CVE-2026-10070MEDIUMmacrozheng mall Super Admin Password update improper authorizationEPSS 0.2%CVE-2026-6614MEDIUMTransformerOptimus SuperAGI project.py get_projects_organisation authorizationEPSS 0.2%