Falhas do tipo CWE-862

7.076 resultados
CVE-2026-57307MEDIUMA missing permission check in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers with Overall/Read permissionEPSS 0.1%CVE-2023-39298HIGHQTS, QuTS heroEPSS 0.1%CVE-2025-15066MEDIUMArbitrary File Download through Path Traversal in Innorix WPEPSS 0.1%CVE-2026-33785MEDIUMJunos OS: MX Series: Missing Authorization for specific 'request' CLI commands in a JDM/CSDS scenarioEPSS 0.1%CVE-2026-28573CRITICALIn AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial EPSS 0.1%CVE-2025-8887MEDIUMIDOR in Usta Information Systems' Aybs InteraktifEPSS 0.1%CVE-2026-11575HIGHPhonePe Payment Solutions < 3.1.0 - Unauthenticated Payment Bypass via Forged CallbackEPSS 0.1%CVE-2026-32442MEDIUMWordPress e2pdf plugin <= 1.28.15 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2024-0038HIGHIn injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing pEPSS 0.1%CVE-2022-39117HIGHIn messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2025-4095MEDIUMRegistry Access Management (RAM) policies not applied when sign-in enforcement is configured via a configuration profileEPSS 0.1%CVE-2026-32562MEDIUMWordPress PPWP plugin <= 1.9.15 - Broken Access Control vulnerabilityEPSS 0.1%CVE-2024-42035HIGHPermission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality EPSS 0.1%CVE-2023-52713HIGHVulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affEPSS 0.1%CVE-2023-21244MEDIUMIn visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead EPSS 0.1%CVE-2026-11858HIGHMissing authorization in Quanos SCHEMA ST4 Client Update Service allows arbitrary file overwrite as SYSTEMEPSS 0.1%CVE-2023-20916HIGHIn getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from tEPSS 0.1%CVE-2023-21132MEDIUMIn onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission checkEPSS 0.1%CVE-2023-21140MEDIUMIn onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission checkEPSS 0.1%CVE-2023-21134MEDIUMIn onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission checkEPSS 0.1%