Fallos del tipo CWE-862

6846 resultados
CVE-2024-12431MEDIUMMissing Authorization in GitLabEPSS 0.4%CVE-2025-11372MEDIUMLearnPress – WordPress LMS Plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table ManipulationEPSS 0.4%CVE-2026-50137HIGHBudibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentialsEPSS 0.4%CVE-2026-34053HIGHOpenEMR Missing Authorization in Procedure Order AJAX Deletion HandlerEPSS 0.4%CVE-2025-42953HIGHMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.4%CVE-2024-43302MEDIUMWordPress Fonts plugin <= 3.7.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-40776HIGHWordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-24633MEDIUMWordPress Build Private Store For Woocommerce plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-42989CRITICALMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.4%CVE-2023-52214MEDIUMWordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6824MEDIUMPremium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title UpdateEPSS 0.4%CVE-2025-24652MEDIUMWordPress WP Duplicate plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2021-47701HIGHOpenBMCS User Management Privilege EscalationEPSS 0.4%CVE-2021-3653A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine cEPSS 0.4%CVE-2025-4477HIGHTeamT5 ThreatSonar Anti-Ransomware - Privilege EscalationEPSS 0.4%CVE-2025-52024CRITICALA vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthentEPSS 0.4%CVE-2023-45000HIGHWordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerabilityEPSS 0.4%CVE-2025-24589MEDIUMWordPress JSM Show Post Metadata plugin <= 4.6.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33565CRITICALWordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.3 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22534MEDIUMWordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerabilityEPSS 0.4%