Fallos del tipo CWE-863

2109 resultados
CVE-2026-41232MEDIUMFroxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email SpoofingEPSS 0.2%CVE-2025-57728MEDIUMIn JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden filesEPSS 0.2%CVE-2022-3024MEDIUMSimple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSSEPSS 0.2%CVE-2025-10908HIGHAccount Lock Bypass via Magic Link or Pass Key Authentication in WSO2 Identity Server Allows Unauthorized AccessEPSS 0.2%CVE-2025-31227MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker with physical access to a devEPSS 0.2%CVE-2026-40515HIGHOpenHarness Permission Bypass via grep and glob root argumentEPSS 0.2%CVE-2026-44567HIGHOpen WebUI: Open WebUI Improper Authorization ControlEPSS 0.2%CVE-2023-6400HIGHIncorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.EPSS 0.2%CVE-2025-41423LOWUnauthorized Playbooks Post Deletion in Mattermost Playbooks PluginEPSS 0.2%CVE-2022-34397MEDIUM Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypassEPSS 0.2%CVE-2026-29195MEDIUMNetmaker: Privilege Escalation from Admin to Super-Admin via User UpdateEPSS 0.2%CVE-2026-26274MEDIUMOctober: Safe Mode Bypass via Twig Database Write OperationsEPSS 0.2%CVE-2026-54358HIGHMISP organization administrators can target site administrator accounts for password resetEPSS 0.2%CVE-2024-22316MEDIUMIBM Sterling File Gateway improper access controlEPSS 0.2%CVE-2025-2564MEDIUMUnauthorized View Access to Archived Channel Member InfoEPSS 0.2%CVE-2025-27213MEDIUMAn Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug BEPSS 0.2%CVE-2026-2465HIGHImproper Authorization in E-Kalite's Turboard FOR-SEPSS 0.2%CVE-2026-33249MEDIUMNATS: Message tracing can be redirected to arbitrary subjectEPSS 0.2%CVE-2026-32991HIGHImproper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.EPSS 0.2%CVE-2021-37409HIGHImproper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enablEPSS 0.2%