CWE-863 type vulnerabilities
2,092 results

CVE-2022-43940 [HIGH] Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization [EPSS 0.6%]
CVE-2024-35353 [CRITICAL] A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the [EPSS 0.6%]
CVE-2023-26056 [MEDIUM] XWiki Platform allows macro execution as any user without programming rights through the context macro [EPSS 0.6%]
CVE-2022-41274 [MEDIUM] SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read se [EPSS 0.6%]
CVE-2026-42882 [CRITICAL] oxyno-zeta/s3-proxy: Security Issues in Resource Path Matching [EPSS 0.6%]
CVE-2024-47876 [HIGH] Sakai: Kernel users created with type roleview can login as a normal user [EPSS 0.6%]
CVE-2020-15163 [HIGH] Invalid root may become trusted root in The Update Framework (TUF) [EPSS 0.6%]
CVE-2026-48303 [CRITICAL] Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863) [EPSS 0.6%]
CVE-2024-3033 [CRITICAL] Improper Authorization in mintplex-labs/anything-llm [EPSS 0.6%]
CVE-2024-31441 [HIGH] Arbitrary File Reading in DataEase [EPSS 0.6%]
CVE-2024-54530 [CRITICAL] The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11. [EPSS 0.6%]
CVE-2024-57677 [MEDIUM] An access control issue in the component form2Wan.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the [EPSS 0.6%]
CVE-2024-57679 [MEDIUM] An access control issue in the component form2RepeaterSetup.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers t [EPSS 0.6%]
CVE-2024-1738 [HIGH] Incorrect Authorization in lunary-ai/lunary [EPSS 0.5%]
CVE-2023-25548 [HIGH] A CWE-863: Incorrect Authorization vulnerability exists that could allow access to device credentials on specific DCE endpoints not being p [EPSS 0.5%]
CVE-2023-25415 [MEDIUM] Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Event Notification configuration. [EPSS 0.5%]
CVE-2021-42026 [—] A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All [EPSS 0.5%]
CVE-2024-21262 [MEDIUM] Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 a [EPSS 0.5%]
CVE-2023-4997 [HIGH] Improper authorisation in Uptime DC [EPSS 0.5%]
CVE-2026-5574 [MEDIUM] Technostrobe HI-LED-WR120-G2 FsBrowseClean deletefile authorization [EPSS 0.5%]