CWE-863 flaws

2,092 results
CVE-2023-36829 | MEDIUM | Sentry CORS misconfiguration vulnerability | EPSS 0.5%
CVE-2024-50650 | HIGH | python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different I | EPSS 0.5%
CVE-2024-4146 | CRITICAL | Incorrect Authorization in lunary-ai/lunary | EPSS 0.5%
CVE-2025-3963 | MEDIUM | withstars Books-Management-System Background Interface list authorization | EPSS 0.5%
CVE-2023-24600 | OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls (for reading contacts) via a move to their own | EPSS 0.5%
CVE-2023-25173 | MEDIUM | containerd supplementary groups are not set up properly | EPSS 0.5%
CVE-2025-3960 | MEDIUM | withstars Books-Management-System Background Interface allreaders.html authorization | EPSS 0.5%
CVE-2026-32767 | CRITICAL | SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API | EPSS 0.5%
CVE-2022-4167 | MEDIUM | Incorrect Authorization check affecting all versions of GitLab EE from 13.11 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2 | EPSS 0.5%
CVE-2024-53941 | HIGH | An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. A remote attacker (in proximi | EPSS 0.5%
CVE-2025-21567 | MEDIUM | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected a | EPSS 0.5%
CVE-2025-27427 | LOW | Apache ActiveMQ Artemis: Address routing-type can be updated by user without the createAddress permission | EPSS 0.5%
CVE-2023-31250 | MEDIUM | Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005 | EPSS 0.5%
CVE-2024-7097 | MEDIUM | Incorrect Authorization in Multiple WSO2 Products via SOAP Admin Service Allowing Unauthorized User Signup | EPSS 0.5%
CVE-2019-14832 | MEDIUM | A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. A | EPSS 0.5%
CVE-2023-26818 | MEDIUM | Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone, or video recording via the DYLD_INSERT_LIBRARIES flag. | EPSS 0.5%
CVE-2025-21506 | HIGH | Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Technology Foundation). Supported versions th | EPSS 0.5%
CVE-2025-21516 | HIGH | Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service Requests). Supported versions that are aff | EPSS 0.5%
CVE-2024-53553 | CRITICAL | An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass authentication via crafted web requests. | EPSS 0.5%
CVE-2023-46992 | HIGH | TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset several critical passwords w | EPSS 0.5%