Fallos del tipo CWE-863
2110 resultadosCVE-2025-15513MEDIUMFloat Payment Gateway <= 1.1.9 - Improper Authorization to Unauthenticated Order Status ManipulationEPSS 0.2%CVE-2026-53521MEDIUMNezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile contextEPSS 0.2%CVE-2024-40855MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2EPSS 0.2%CVE-2021-37409HIGHImproper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enablEPSS 0.2%CVE-2026-41235HIGHFroxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcementEPSS 0.2%CVE-2024-29213HIGHIvanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unsEPSS 0.2%CVE-2024-29821HIGHIvanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unsEPSS 0.2%CVE-2026-54397MEDIUMMISP event editing allows unauthorized assignment to undisclosed sharing groupsEPSS 0.2%CVE-2026-12797MEDIUMBerriAI litellm Completions banned_keywords.py async_pre_call_hook authorizationEPSS 0.2%CVE-2024-44287MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A maliciEPSS 0.2%CVE-2024-44253MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app mEPSS 0.2%CVE-2026-44283NONEetcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checksEPSS 0.2%CVE-2025-15288LOWTanium addressed an improper access controls vulnerability in Interact.EPSS 0.2%CVE-2025-15633MEDIUMHCL BigFix WebUI is affected by an improper authorization vulnerabilityEPSS 0.2%CVE-2026-33477MEDIUMFileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file contentEPSS 0.2%CVE-2025-63687MEDIUMAn issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in file src/main/java/com/rymcu/forest/core/seEPSS 0.2%CVE-2023-20880MEDIUMVMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can eEPSS 0.2%CVE-2025-11971MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-1768MEDIUMA permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issEPSS 0.2%CVE-2024-48911MEDIUMOpenCanary Executes Commands From Potentially Writable Config FileEPSS 0.2%