CWE-639 vulnerabilities
1528 results

CVE-2024-8485 | CRITICAL | REST API TO MiniProgram <= 4.7.1 - Unauthenticated Arbitrary User Email Update and Privilege Escalation via Account Takeover | EPSS 0.6%
CVE-2023-35914 | HIGH | WordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR) | EPSS 0.6%
CVE-2026-24178 | CRITICAL | NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cau | EPSS 0.6%
CVE-2022-2913 | MEDIUM | Login No Captcha reCAPTCHA < 1.7 - IP Check Bypass | EPSS 0.6%
CVE-2022-4802 | CRITICAL | Authorization Bypass Through User-Controlled Key in usememos/memos | EPSS 0.6%
CVE-2024-2538 | MEDIUM | Permalink Manager <= 2.4.3.1 - Missing Authorization to Authenticated(Author+) Arbitrary Post Slug Modification | EPSS 0.6%
CVE-2023-6523 | HIGH | IDOR in ExtremePacs's Extreme XDS | EPSS 0.6%
CVE-2023-6515 | HIGH | IDOR in Mia Technology's Mia-Med | EPSS 0.6%
CVE-2023-35916 | HIGH | WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR) | EPSS 0.6%
CVE-2025-53640 | MEDIUM | Indico vulnerable to user enumeration via API endpoint | EPSS 0.6%
CVE-2026-30944 | HIGH | StudioCMS Affected by Privilege Escalation via Insecure API Token Generation | EPSS 0.6%
CVE-2022-4811 | HIGH | Authorization Bypass Through User-Controlled Key in usememos/memos | EPSS 0.6%
CVE-2024-7040 | MEDIUM | Improper Access Control in open-webui/open-webui | EPSS 0.6%
CVE-2023-32078 | HIGH | Netmaker IDOR Vulnerability Allows User to Update Other User's Password | EPSS 0.6%
CVE-2023-1125 | MEDIUM | Ruby Help Desk < 1.3.4 - Subscriber+ Ticket Update via IDOR | EPSS 0.6%
CVE-2022-3995 | MEDIUM | TeraWallet – For WooCommerce <= 1.4.3 - Insecure Direct Object Reference | EPSS 0.6%
CVE-2025-1607 | MEDIUM | SourceCodester Best Employee Management System salary_slip.php authorization | EPSS 0.6%
CVE-2023-1911 | MEDIUM | Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access | EPSS 0.5%
CVE-2024-8613 | HIGH | Improper Access Control in gaizhenbiao/chuanhuchatgpt | EPSS 0.5%
CVE-2020-37094 | HIGH | EspoCRM 5.8.5 - Privilege Escalation | EPSS 0.5%