Falhas do tipo CWE-862

7.076 resultados
CVE-2023-21133MEDIUMIn onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission checkEPSS 0.1%CVE-2023-20912HIGHIn onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permissEPSS 0.1%CVE-2026-20626HIGHThis issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Tahoe 26.3, visiEPSS 0.1%CVE-2025-0086MEDIUMIn onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could leaEPSS 0.1%CVE-2026-33802MEDIUMJunos OS: EX Series: Unauthorized users can execute service-impacting CLI commandEPSS 0.1%CVE-2024-36326HIGHMissing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, poteEPSS 0.1%CVE-2026-28615CRITICALIn Telecomm, there is a possible way to initiate an unauthorized phone call due to a permissions bypass. This could lead to local escalationEPSS 0.1%CVE-2026-9255HIGHTool Execution Without Authorization via Piped Stdin in Kiro CLIEPSS 0.1%CVE-2025-41698HIGHDraeger: ICMHelper is vulnerable to a privilege escalation due too missing authorizationEPSS 0.1%CVE-2026-2299MEDIUMImproper Access Control in Mattermost Google Drive Plugin File Creation EndpointEPSS 0.1%CVE-2026-7859MEDIUMMotors Car Dealership & Classified Listings < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_mediaEPSS 0.1%CVE-2025-68947MEDIUMNSecsoft NSecKrnl process termination privilege escalationEPSS 0.1%CVE-2022-20508HIGHIn onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. ThiEPSS 0.1%CVE-2024-0037LOWIn applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission cEPSS 0.1%CVE-2026-28587CRITICALIn MmsSmsProvider of MmsSmsProvider.java, there is a possible way to retrieve sensitive information due to a missing permission check. This EPSS 0.1%CVE-2022-48384HIGHIn srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional executionEPSS 0.1%CVE-2022-20547HIGHIn multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This EPSS 0.1%CVE-2024-34719HIGHIn multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege EPSS 0.1%CVE-2022-20510MEDIUMIn getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaminEPSS 0.1%CVE-2024-43087HIGHIn getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in tEPSS 0.1%