Falhas do tipo CWE-837
16 resultadosCVE-2024-11716MEDIUMWhile assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation alEPSS 11.7%CVE-2023-6759MEDIUMThecosy IceCMS Love resource improper enforcement of a single, unique actionEPSS 1.0%CVE-2024-4629MEDIUMKeycloak: potential bypass of brute force protectionEPSS 0.8%CVE-2023-6438MEDIUMThecosy IceCMS Like improper enforcement of a single, unique actionEPSS 0.7%CVE-2024-11717MEDIUMTokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sentEPSS 0.6%CVE-2023-6467LOWThecosy IceCMS Comment Like improper enforcement of a single, unique actionEPSS 0.6%CVE-2024-11301MEDIUMImproper Enforcement of Unique Constraint in lunary-ai/lunaryEPSS 0.5%CVE-2023-5313MEDIUMphpkobo Ajax Poll Script ajax-poll.php improper enforcement of a single, unique actionEPSS 0.5%CVE-2026-42609HIGHGrav: Administrative Account Disruption and Privilege De-escalation via User Overwrite LogicEPSS 0.5%CVE-2024-12123MEDIUMUnauthorized Modification of Ticket RequesterEPSS 0.4%CVE-2026-44601LOWTor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROEPSS 0.3%CVE-2025-54315HIGHThe Matrix specification before 1.16 (i.e., with a room version before 12) lacks create event uniqueness.EPSS 0.3%CVE-2025-58135MEDIUMZoom Workplace Clients for Windows - Improper Action EnforcementEPSS 0.2%CVE-2025-62782MEDIUMInventoryGUI vulnerable to item duplication via Bundle items when using GuiStorageElementEPSS 0.2%CVE-2025-62783MEDIUMInventoryGui affected by item duplication in GUIs which use GuiStorageElementEPSS 0.2%CVE-2025-62784MEDIUMInventoryGui allows item duplication in GUIs which use GuiStorageElementEPSS 0.2%