Flaws of type CWE-863

2101 results
CVE-2026-24003 | MEDIUM | EvseV2G has sequence state validation bypass | EPSS 0.3%
CVE-2023-31997 | UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. Applica | EPSS 0.3%
CVE-2023-3613 | LOW | Guest accounts invited and added to channels by Welcomebot plugin | EPSS 0.3%
CVE-2025-6981 | MEDIUM | Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized read-only access | EPSS 0.3%
CVE-2026-41174 | MEDIUM | Traefik Kubernetes CRD allows unauthorized cross-namespace middleware binding | EPSS 0.3%
CVE-2026-54357 | MEDIUM | MISP improper authorization allows organization administrators to modify site administrator user settings | EPSS 0.3%
CVE-2025-25010 | MEDIUM | Kibana privilege escalation via reporting_user role | EPSS 0.3%
CVE-2026-49397 | MEDIUM | Nezha Monitoring: Private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data | EPSS 0.3%
CVE-2025-21558 | MEDIUM | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Acc | EPSS 0.3%
CVE-2026-2819 | MEDIUM | Dromara RuoYi-Vue-Plus Workflow deleteByInstanceIds SaServletFilter authorization | EPSS 0.3%
CVE-2026-32946 | MEDIUM | Egress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier) | EPSS 0.3%
CVE-2025-47937 | LOW | TYPO3 Vulnerable to Information Disclosure via DBAL Restriction Handling | EPSS 0.3%
CVE-2024-49208 | MEDIUM | Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files. | EPSS 0.3%
CVE-2025-64421 | HIGH | Coolify has a privilege escalation - low privileged user can invite themselves as an admin user | EPSS 0.3%
CVE-2022-3582 | MEDIUM | SourceCodester Simple Cold Storage Management System cross-site request forgery | EPSS 0.3%
CVE-2026-35674 | HIGH | OpenClaw < 2026.5.18 - Scope Bypass via Inherited chat.send Route | EPSS 0.3%
CVE-2026-29196 | HIGH | Netmaker: Service User with Network Access Can Access config files with WireGuard Private Keys | EPSS 0.3%
CVE-2024-45081 | MEDIUM | IBM Cognos Controller incorrect authorization | EPSS 0.3%
CVE-2026-32123 | HIGH | OpenEMR: Therapy Group Sensitivity ACL No Longer Enforced | EPSS 0.3%
CVE-2024-9155 | MEDIUM | Insufficient Authorization On Unlinked Channel Files | EPSS 0.3%