CWE-863 flaws
2080 results

CVE-2023-27388 | CRITICAL | Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products allows a remote unauthenticated attacker t | EPSS 1.3%
CVE-2023-24829 | HIGH | Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench | EPSS 1.2%
CVE-2022-23739 | CRITICAL | Incorrect authorization check in GitHub Enterprise Server leading to escalation of privileges in GraphQL API requests from GitHub Apps using scoped user-to-server tokens | EPSS 1.2%
CVE-2024-2473 | MEDIUM | WPS Hide Login <= 1.9.15.2 - Login Page Disclosure | EPSS 1.2%
CVE-2026-34453 | HIGH | SiYuan: Broken access control in /api/bookmark/getBookmark allows unauthenticated publish visitors to read password-protected bookmarked content | EPSS 1.2%
CVE-2020-3578 | MEDIUM | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Portal Access Rule Bypass Vulnerability | EPSS 1.2%
CVE-2023-26829 | CRITICAL | An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack before 13.5.9808 allows remote attackers to s | EPSS 1.2%
CVE-2024-27138 | HIGH | Apache Archiva: disabling user registration is not effective | EPSS 1.2%
CVE-2021-20179 | — | A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate | EPSS 1.2%
CVE-2022-21713 | MEDIUM | Exposure of Sensitive Information in Grafana | EPSS 1.2%
CVE-2022-24714 | MEDIUM | Disclosure of hosts and related data, linked to decommissioned services in Icinga Web 2 | EPSS 1.2%
CVE-2024-28394 | CRITICAL | An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to execute arbitrary code via the Sales Reports, | EPSS 1.2%
CVE-2022-1223 | MEDIUM | Incorrect Authorization in phpipam/phpipam | EPSS 1.2%
CVE-2023-38389 | CRITICAL | WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability | EPSS 1.2%
CVE-2022-0981 | — | A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. | EPSS 1.1%
CVE-2022-0580 | HIGH | Incorrect Authorization in librenms/librenms | EPSS 1.1%
CVE-2022-1706 | — | A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. | EPSS 1.1%
CVE-2026-24780 | HIGH | AutoGPT is Vulnerable to RCE via Disabled Block Execution | EPSS 1.1%
CVE-2017-2599 | MEDIUM | Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new | EPSS 1.1%
CVE-2023-33779 | HIGH | A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a cr | EPSS 1.1%