CWE-863 flaws

2,095 results
CVE-2020-36969 (HIGH): M/Monit 3.7.4 - Privilege Escalation (EPSS 0.4%)
CVE-2023-44401 (MEDIUM): Silverstripe GraphQL's view permissions are bypassed for paginated lists of ORM data (EPSS 0.4%)
CVE-2023-50363 (HIGH): QTS, QuTS hero (EPSS 0.4%)
CVE-2023-5195 (MEDIUM): A team member can soft delete other teams that they are not part of (EPSS 0.4%)
CVE-2025-15406 (MEDIUM): PHPGurukul Online Course Registration authorization (EPSS 0.4%)
CVE-2025-21560 (MEDIUM): Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). The supported ve (EPSS 0.4%)
CVE-2024-45587 (CRITICAL): Unauthorized Modification Vulnerability (EPSS 0.4%)
CVE-2023-23476 (LOW): IBM Robotic Process Automation information disclosure (EPSS 0.4%)
CVE-2025-11581 (MEDIUM): PowerJob OpenAPIController runJob authorization (EPSS 0.4%)
CVE-2022-2597: Visual Portfolio < 2.19.0 - Contributor+ CSS Injection (EPSS 0.4%)
CVE-2024-25604 (MEDIUM): Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack (EPSS 0.4%)
CVE-2025-24437 (MEDIUM): Adobe Commerce | Incorrect Authorization (CWE-863) (EPSS 0.4%)
CVE-2025-14986 (LOW): ExecuteMultiOperation Namespace Policy Bypass (EPSS 0.4%)
CVE-2020-17354 (HIGH): LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated b (EPSS 0.4%)
CVE-2026-24480 (HIGH): QGIS had validated RCE and Repository Takeover via GitHub Actions (EPSS 0.4%)
CVE-2024-52732 (CRITICAL): Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value of the zeqp system being reused. (EPSS 0.4%)
CVE-2024-3722 (MEDIUM): Swift Performance Lite <= 2.3.6.18 - Incorrect Authorization to Authenticated (Subscriber+) Settings Modification (EPSS 0.4%)
CVE-2026-31892 (HIGH): WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode (EPSS 0.4%)
CVE-2023-28357 (MEDIUM): A vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is a (EPSS 0.4%)
CVE-2026-32051 (HIGH): OpenClaw < 2026.3.1 - Authorization Bypass in Agent Runs via Owner-Only Tool Access (EPSS 0.4%)