Falhas do tipo CWE-285

1.302 resultados
CVE-2026-47713LOWAnythingLLM: Legacy mobile device tokens bypass multi-user workspace scoping after mode migrationEPSS 0.2%CVE-2026-7709MEDIUMjaneczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorizationEPSS 0.2%CVE-2025-54787LOWSuiteCRM: Improper Authorization for attachment downloadsEPSS 0.2%CVE-2025-8794MEDIUMLitmusChaos Litmus LocalStorage authorizationEPSS 0.2%CVE-2026-10070MEDIUMmacrozheng mall Super Admin Password update improper authorizationEPSS 0.2%CVE-2026-30495HIGHThe Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the EPSS 0.2%CVE-2026-35479MEDIUMInvenTree Plugin Installation - Insufficient PermissionsEPSS 0.2%CVE-2026-6613MEDIUMTransformerOptimus SuperAGI agent.py get_schedule_data authorizationEPSS 0.2%CVE-2021-25399Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.EPSS 0.2%CVE-2022-3787HIGHA vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alEPSS 0.2%CVE-2026-6614MEDIUMTransformerOptimus SuperAGI project.py get_projects_organisation authorizationEPSS 0.2%CVE-2026-7144MEDIUM1000 Projects Portfolio Management System MCA update_passwd_process.php authorizationEPSS 0.2%CVE-2023-38135MEDIUMImproper authorization in some Intel(R) PM software may allow a privileged user to potentially enable escalation of privilege via local acceEPSS 0.2%CVE-2026-34051MEDIUMOpenEMR has Improper ACL On Import/Export PopupEPSS 0.2%CVE-2026-11441MEDIUMtheonedev Pull Request issues canAccessIssue improper authorizationEPSS 0.2%CVE-2026-11336MEDIUMtittuvarghese CollegeManagementSystem Admin admin_page.php improper authorizationEPSS 0.2%CVE-2026-11438MEDIUMtheonedev projects improper authorizationEPSS 0.2%CVE-2025-12367MEDIUMSiteSEO – SEO Simplified <= 1.3.1 - Missing Authorization to Authenticated (Author+) Plugin Settings UpdateEPSS 0.2%CVE-2026-42876MEDIUMExternal Secrets Operator: Priviledge escalation with secret overwritingEPSS 0.2%CVE-2026-11439MEDIUMtheonedev Parent Project projects improper authorizationEPSS 0.2%