Fallos del tipo CWE-862

7076 resultados
CVE-2025-8886MEDIUMAuthorization Bypass in Usta Information Systems' Aybs InteraktifEPSS 0.1%CVE-2025-62144MEDIUMWordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2026-11773MEDIUMMasteriyo LMS <= 2.2.1 - Missing Authorization to Authenticated (Student+) Arbitrary Course Announcement ModificationEPSS 0.1%CVE-2024-20413MEDIUMCisco NX-OS Bash Privilege Escalation VulnerabilityEPSS 0.1%CVE-2025-7047MEDIUMMissing Authorization in Utarit Informatics' SoliClubEPSS 0.1%CVE-2023-32112LOWMissing Authorization Check in Vendor Master HierarchyEPSS 0.1%CVE-2026-0081CRITICALIn NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege wiEPSS 0.1%CVE-2025-52954HIGHJunos OS Evolved: A low-privileged user can execute arbitrary Junos commands and modify the configuration, thereby compromising the systemEPSS 0.1%CVE-2022-20519LOWIn onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission EPSS 0.1%CVE-2026-4590LOWkalcaddle kodbox loginSubmit API index.class.php cross-site request forgeryEPSS 0.1%CVE-2026-39627MEDIUMWordPress Ashe theme <= 2.266 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2026-0246MEDIUMPrisma Access Agent: Local Privilege Escalation VulnerabilityEPSS 0.1%CVE-2025-13766MEDIUMMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.6 Missing Authorization to Authenticated (Subscriber+) Posts and Media Creation, Modification and DeletionEPSS 0.1%CVE-2026-52839LOWEasy!Appointments appointments/store and appointments/update allow cross-provider appointment injection — Authorization BypassEPSS 0.1%CVE-2026-6883LOWMissing Authorization in GitLabEPSS 0.1%CVE-2026-44448MEDIUMERPNext: Unauthorised Document modification due to missing validationEPSS 0.1%CVE-2026-57291MEDIUMMissing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect EPSS 0.1%CVE-2026-13236MEDIUMAI Agents - Less critical - Access bypass - SA-CONTRIB-2026-056EPSS 0.1%CVE-2026-49782MEDIUMWordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2025-13734MEDIUMIBM Engineering Requirements Management DOORS Next could allow an authenticated user to access and modify data beyond authorized permissionsEPSS 0.1%