Fallos del tipo CWE-863
2102 resultadosCVE-2025-43806MEDIUMBatch Engine in Liferay Portal 7.4.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.7, 2023.Q3.1 through 2023.Q3.10, and 7.4 GEPSS 0.2%CVE-2023-34146—An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attackeEPSS 0.2%CVE-2023-34148—An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attackeEPSS 0.2%CVE-2025-40668HIGHIncorrect Authorization vulnerability in TCMAN GIMEPSS 0.2%CVE-2025-1472MEDIUMUnauthorized View Access to Site Statistics and Team StatisticsEPSS 0.2%CVE-2026-22784LOWLychee cross-album password propagation on Album unlockingEPSS 0.2%CVE-2023-27899HIGHJenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions EPSS 0.2%CVE-2026-0831MEDIUMTemplately <= 3.4.8 - Unauthenticated Limited Arbitrary JSON File WriteEPSS 0.2%CVE-2025-43459MEDIUMAn authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access EPSS 0.2%CVE-2022-31646HIGHPotential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escEPSS 0.2%CVE-2026-4933HIGHUnpublished Node Permissions - Critical - Access bypass - SA-CONTRIB-2026-029EPSS 0.2%CVE-2025-30750LOWVulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 andEPSS 0.2%CVE-2022-31644HIGHPotential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escEPSS 0.2%CVE-2026-35657HIGHOpenClaw < 2026.3.25 - Authorization Bypass in HTTP Session History RouteEPSS 0.2%CVE-2026-3573HIGHAI (Artificial Intelligence) - Moderately critical - Information Disclosure - SA-CONTRIB-2026-028EPSS 0.2%CVE-2025-68153HIGHJuju: Resource poisoningEPSS 0.2%CVE-2026-3115MEDIUMGuest users can view group member IDs without respecting view restrictionsEPSS 0.2%CVE-2025-57728MEDIUMIn JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden filesEPSS 0.2%CVE-2022-3024MEDIUMSimple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSSEPSS 0.2%CVE-2026-41232MEDIUMFroxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email SpoofingEPSS 0.2%