Vulnerabilities of type CWE-286
30 results

CVE-2026-35638 | HIGH | OpenClaw < 2026.3.22 - Privilege Escalation via Self-Declared Scopes in Trusted-Proxy Control UI | EPSS 0.3%
CVE-2023-51750 | — | ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "N | EPSS 0.3%
CVE-2024-9312 | HIGH | Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names co | EPSS 0.3%
CVE-2024-13041 | MEDIUM | Incorrect User Management in GitLab | EPSS 0.3%
CVE-2025-63563 | MEDIUM | Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password ch | EPSS 0.2%
CVE-2021-21553 | HIGH | Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability. Under some specific conditions, this can allow | EPSS 0.2%
CVE-2024-6356 | MEDIUM | Incorrect User Management in GitLab | EPSS 0.2%
CVE-2023-20253 | HIGH | A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacke | EPSS 0.2%
CVE-2023-25519 | HIGH | NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrec | EPSS 0.2%
CVE-2024-58105 | HIGH | A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing s | EPSS 0.2%