Fallos del tipo CWE-863
2098 resultadosCVE-2023-0120LOWIncorrect Authorization in GitLabEPSS 0.4%CVE-2025-8435MEDIUMcode-projects Online Movie Streaming admin-control.php authorizationEPSS 0.4%CVE-2023-32061MEDIUMDiscourse Topic Creation Page Allows iFrame Tag without RestrictionsEPSS 0.4%CVE-2025-62648MEDIUMThe Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio vEPSS 0.4%CVE-2025-14987MEDIUMCross Namespace Commands Authorization BypassEPSS 0.4%CVE-2025-69196HIGHFastMCP OAuth Proxy token reuse across MCP serversEPSS 0.4%CVE-2024-12148MEDIUMIncorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to acceEPSS 0.4%CVE-2024-13253CRITICALAdvanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017EPSS 0.4%CVE-2026-43530HIGHOpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet ExecutionEPSS 0.4%CVE-2025-0765MEDIUMIncorrect Authorization in GitLabEPSS 0.4%CVE-2026-33576MEDIUMOpenClaw < 2026.3.28 - Unauthorized Media Download via Zalo ChannelEPSS 0.4%CVE-2019-3887MEDIUMA flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. InEPSS 0.4%CVE-2024-45204HIGHA vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved EPSS 0.4%CVE-2024-31409MEDIUMCyberPower PowerPanel business Incorrect AuthorizationEPSS 0.4%CVE-2025-54267MEDIUMAdobe Commerce | Incorrect Authorization (CWE-863)EPSS 0.4%CVE-2025-62651MEDIUMThe Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not implement access control for the bathroom rating inEPSS 0.4%CVE-2025-2242HIGHIncorrect Authorization in GitLabEPSS 0.4%CVE-2025-48472MEDIUMFreeScout Vulnerable to Insufficient AuthorizationEPSS 0.4%CVE-2025-3879MEDIUMVault’s Azure Authentication Method bound_location Restriction Could be Bypassed on LoginEPSS 0.4%CVE-2021-4268MEDIUMphpRedisAdmin cross-site request forgeryEPSS 0.4%