CWE-863 flaws
2,080 results

CVE-2023-22482 | CRITICAL | JWT audience claim is not verified | EPSS 0.9%
CVE-2023-27526 | MEDIUM | Apache Superset: Improper Authorization check on import charts | EPSS 0.9%
CVE-2021-23203 | HIGH | Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attack | EPSS 0.9%
CVE-2024-25170 | CRITICAL | An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header. | EPSS 0.9%
CVE-2021-24788 | — | Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts | EPSS 0.9%
CVE-2022-27642 | MEDIUM | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 | EPSS 0.9%
CVE-2020-3467 | HIGH | Cisco Identity Services Engine Authorization Bypass Vulnerability | EPSS 0.9%
CVE-2024-39352 | MEDIUM | A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users wit | EPSS 0.9%
CVE-2024-26016 | MEDIUM | Apache Superset: Improper authorization validation on dashboards and charts import | EPSS 0.9%
CVE-2020-25240 | — | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unprivileged users can access services when gues | EPSS 0.9%
CVE-2022-46167 | HIGH | Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace | EPSS 0.9%
CVE-2023-27486 | HIGH | Insufficient authorization validation between zones when xCAT zones are enabled | EPSS 0.9%
CVE-2023-28698 | CRITICAL | WADE DIGITAL DESIGN CO, LTD. FANTSY - Broken Access Control | EPSS 0.8%
CVE-2018-20826 | — | The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote attackers to set the reporter in issues via a miss | EPSS 0.8%
CVE-2024-34106 | MEDIUM | Insecure Direct Object Reference - An attacker can able to erase the victim quote details | EPSS 0.8%
CVE-2023-22500 | HIGH | glpi Unauthorized access to inventory files | EPSS 0.8%
CVE-2023-49982 | HIGH | Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges | EPSS 0.8%
CVE-2022-23553 | HIGH | URL access filters bypass in Alpine | EPSS 0.8%
CVE-2023-36387 | MEDIUM | Apache Superset: Improper API permission for low privilege users | EPSS 0.8%
CVE-2023-36556 | HIGH | An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6 | EPSS 0.8%