Vulnerabilities of type CWE-863

2,093 results
CVE-2021-26563 | HIGH | Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to e | EPSS 0.5%
CVE-2024-48778 | CRITICAL | An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote attacker to obtain sensitive information via the | EPSS 0.5%
CVE-2026-33888 | MEDIUM | ApostropheCMS: publicApiProjection Bypass via `project` Query Builder in Piece-Type REST API | EPSS 0.5%
CVE-2024-48772 | CRITICAL | An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process. | EPSS 0.5%
CVE-2024-5714 | HIGH | Improper Access Control in lunary-ai/lunary | EPSS 0.5%
CVE-2024-31682 | CRITICAL | Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost & Clean v2.2.0 allows attackers to bypass finge | EPSS 0.5%
CVE-2024-39690 | HIGH | Capsule tenant owner with "patch namespace" permission can hijack system namespaces | EPSS 0.5%
CVE-2024-41939 | HIGH | A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization che | EPSS 0.5%
CVE-2023-4812 | HIGH | Incorrect Authorization in GitLab | EPSS 0.5%
CVE-2023-22891 | HIGH | There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users | EPSS 0.5%
CVE-2023-36826 | HIGH | Sentry vulnerable to improper authorization on debug and artifact file downloads | EPSS 0.5%
CVE-2025-48466 | HIGH | Modbus Command Injection without Authentication | EPSS 0.5%
CVE-2024-5816 | MEDIUM | Improper authorization allows persistent access in GitHub Enterprise Server | EPSS 0.5%
CVE-2022-24189 | MEDIUM | The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. Removing the value ca | EPSS 0.5%
CVE-2023-27485 | MEDIUM | Insufficient verification of authorisation when accessing subresults in thmmniii/fbs-core | EPSS 0.5%
CVE-2025-24436 | MEDIUM | Adobe Commerce | Incorrect Authorization (CWE-863) | EPSS 0.5%
CVE-2025-24421 | MEDIUM | Adobe Commerce | Incorrect Authorization (CWE-863) | EPSS 0.5%
CVE-2024-11669 | MEDIUM | Incorrect Authorization in GitLab | EPSS 0.5%
CVE-2024-3404 | MEDIUM | Improper Access Control in gaizhenbiao/chuanhuchatgpt | EPSS 0.5%
CVE-2024-48769 | CRITICAL | An issue in BURG-WÄCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain sensitive information via the firmware update p | EPSS 0.5%