Falhas do tipo CWE-266

946 resultados
CVE-2025-11048MEDIUMPortabilis i-Educar consulta-dispensas improper authorizationEPSS 0.3%CVE-2025-11049MEDIUMPortabilis i-Educar unificacao-aluno improper authorizationEPSS 0.3%CVE-2026-4617MEDIUMSourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorizationEPSS 0.3%CVE-2025-11050MEDIUMPortabilis i-Educar periodo-lancamento improper authorizationEPSS 0.3%CVE-2026-42368CRITICALGeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerabilityEPSS 0.3%CVE-2025-62007HIGHWordPress Voice Feedback plugin <= 1.0.3 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-10976LOWJeecgBoot getDepartUserList improper authorizationEPSS 0.3%CVE-2025-46204MEDIUMAn issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint.EPSS 0.3%CVE-2026-32519CRITICALWordPress Bit SMTP plugin <= 1.2.2 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2019-10143MEDIUMIt was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who alreadEPSS 0.3%CVE-2026-32488HIGHWordPress User Registration plugin <= 4.4.9 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-27395CRITICALWordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-53580CRITICALWordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2024-38278HIGHA vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGEPSS 0.3%CVE-2025-11554MEDIUMPortabilis i-Educar User Type AccessLevelController.php insecure inherited permissionsEPSS 0.3%CVE-2019-19350An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat OpensEPSS 0.3%CVE-2025-44655CRITICALIn TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorEPSS 0.3%CVE-2022-20855HIGHCisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-54735HIGHWordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-55707HIGHWordPress PostX Plugin <= 4.1.35 - Privilege Escalation VulnerabilityEPSS 0.3%