Falhas do tipo CWE-285
1.285 resultadosCVE-2021-42338CRITICAL4MOSAn GCB Doctor - Improper AuthorizationEPSS 5.6%CVE-2019-7489—A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affEPSS 5.3%CVE-2026-34222HIGHOpen WebUI has Broken Access Control in Tool ValvesEPSS 5.3%CVE-2020-1745HIGHA file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.EPSS 4.8%CVE-2025-29794HIGHMicrosoft SharePoint Remote Code Execution VulnerabilityEPSS 4.5%CVE-2019-1897MEDIUMCisco RV110W, RV130W, and RV215W Routers Denial of Service VulnerabilityEPSS 4.5%CVE-2017-6044—An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all EPSS 4.3%CVE-2024-51479HIGHAuthorization bypass in Next.jsEPSS 3.9%CVE-2021-42126—An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail ServiEPSS 3.9%CVE-2024-34257CRITICALTOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrarEPSS 3.8%CVE-2025-2360MEDIUMD-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorizationEPSS 3.8%CVE-2026-22252CRITICALLibreChat MCP Stdio Remote Command ExecutionEPSS 3.7%CVE-2023-21433HIGHImproper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy SEPSS 3.7%CVE-2022-21196CRITICALAirspan Networks Mimosa Improper AuthorizationEPSS 3.5%CVE-2025-3980MEDIUMwowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System list improper authorizationEPSS 3.5%CVE-2024-12483MEDIUMDromara UJCMS User ID id authorizationEPSS 3.4%CVE-2019-1899MEDIUMCisco RV110W, RV130W, and RV215W Routers Information Disclosure VulnerabilityEPSS 3.4%CVE-2018-10861—A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph sEPSS 3.2%CVE-2017-16743—An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1EPSS 3.1%CVE-2021-25374HIGHAn improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and bEPSS 3.1%