Falhas do tipo CWE-863
2.100 resultadosCVE-2024-50671MEDIUMIncorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with Authenticated User roles to obtain email addEPSS 0.3%CVE-2024-21285HIGHVulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). The suppoEPSS 0.3%CVE-2025-40897HIGHIncorrect authorization for Threat Intelligence in Guardian/CMC before 26.0.0EPSS 0.3%CVE-2024-21284HIGHVulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). The suppoEPSS 0.3%CVE-2024-13282HIGHBlock permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046EPSS 0.3%CVE-2026-9603MEDIUMSourceCodester eDoc Doctor Appointment System delete-session.php authorizationEPSS 0.3%CVE-2025-53943HIGHVoidBot Open-Source Has Improper Permission Check That Allows Unauthorized Command ExecutionEPSS 0.3%CVE-2024-4011LOWImproper Access Control in GitLabEPSS 0.3%CVE-2026-21621HIGHImproper Scope Enforcement in OAuth client_credentials Flow Allows Read-Only API Key to Escalate to Full AccessEPSS 0.3%CVE-2026-41248CRITICALOfficial Clerk JavaScript SDKs: Middleware-based route protection bypassEPSS 0.3%CVE-2025-31331MEDIUMAuthorization Bypass vulnerability in SAP NetWeaverEPSS 0.3%CVE-2020-28211—A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that EPSS 0.3%CVE-2023-3509LOWIncorrect Authorization in GitLabEPSS 0.3%CVE-2025-5822HIGHAutel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-21562MEDIUMVulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). EPSS 0.3%CVE-2026-6713MEDIUMIncorrect Authorization in GitLabEPSS 0.3%CVE-2025-30743HIGHVulnerability in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Internal Operations). The supporteEPSS 0.3%CVE-2026-41657MEDIUMAdmidio: Cross-Organization Member Data Exposure via Permission Check Mismatch in contacts_data.phpEPSS 0.3%CVE-2025-30744HIGHVulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component: Multiplatform Sync Errors). Supported versiEPSS 0.3%CVE-2024-8691MEDIUMPAN-OS: User Impersonation in GlobalProtect PortalEPSS 0.3%