CWE-863 vulnerabilities

2111 results
CVE-2026-0934 (LOW): Incorrect Authorization in GitLab [EPSS 0.2%]
CVE-2024-48541 (HIGH): Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7 allows attackers to access sensitive informat [EPSS 0.2%]
CVE-2022-4014 (MEDIUM): FeehiCMS Post My Comment Tab cross-site request forgery [EPSS 0.2%]
CVE-2026-10211 (MEDIUM): AstrBotDevs AstrBot fs.py _normalize_rw_path authorization [EPSS 0.2%]
CVE-2025-23244 (HIGH): NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successfu [EPSS 0.2%]
CVE-2026-47238 (MEDIUM): ClipBucket: IDOR in videos subtitle editor [EPSS 0.2%]
CVE-2025-11865 (MEDIUM): Incorrect Authorization in GitLab [EPSS 0.2%]
CVE-2025-66005 (HIGH): Lack of Authentication in the InputManager D-Bus interface [EPSS 0.2%]
CVE-2026-45549 (HIGH): Roxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any host [EPSS 0.2%]
CVE-2023-29818 (MEDIUM): An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections vi [EPSS 0.2%]
CVE-2023-35983: This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7 [EPSS 0.2%]
CVE-2022-27608 (MEDIUM): Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administ [EPSS 0.2%]
CVE-2026-41350 (MEDIUM): OpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed Invocations [EPSS 0.2%]
CVE-2025-3446 (MEDIUM): Members Without Guest Invite Permissions Can Add Guests to Teams [EPSS 0.2%]
CVE-2025-32093 (MEDIUM): System admin profile modification by delegated granular administration role [EPSS 0.2%]
CVE-2026-27775: Gitea pre-receive hook permission cache allows full repository write access [EPSS 0.2%]
CVE-2026-32715 (LOW): AnythingLLM Manager Privilege Bypass Allows Access to Admin-Only System Preferences [EPSS 0.2%]
CVE-2025-12971 (MEDIUM): Folders <= 3.1.5 - Incorrect Authorization to Authenticated (Contributor+) Folder Content Manipulation [EPSS 0.2%]
CVE-2023-29819 (MEDIUM): An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections vi [EPSS 0.2%]
CVE-2023-3027 (HIGH): The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtai [EPSS 0.2%]