CWE-863 vulnerabilities
2,102 results

CVE | Severity | Title | EPSS
CVE-2024-34130 | MEDIUM | Acrobat Android : OverSecured Finding : Access to arbitrary* content providers via insecure Intent configuration | EPSS 0.3%
CVE-2026-35619 | MEDIUM | OpenClaw < 2026.3.24 - Authorization Bypass via HTTP /v1/models Endpoint | EPSS 0.3%
CVE-2026-23572 | HIGH | Improper Access Control in TeamViewer clients | EPSS 0.3%
CVE-2026-32726 | HIGH | SciTokens C++: Sibling-Path Authorization Bypass | EPSS 0.3%
CVE-2025-48446 | HIGH | Commerce Alphabank Redirect - Moderately critical - Access bypass - SA-CONTRIB-2025-067 | EPSS 0.3%
CVE-2025-24526 | MEDIUM | Channel export permitted on archived channel when viewing archived channels is disabled | EPSS 0.3%
CVE-2025-48445 | HIGH | Commerce Eurobank (Redirect) - Moderately critical - Access bypass - SA-CONTRIB-2025-066 | EPSS 0.3%
CVE-2025-58052 | LOW | Galette has groups managers access control bypass on Members | EPSS 0.3%
CVE-2025-59449 | MEDIUM | The YoSmart YoLink MQTT broker through 2025-10-02 does not enforce sufficient authorization controls to prevent cross-account attacks, allow | EPSS 0.3%
CVE-2026-44633 | HIGH | Live Helper Chat: REST API chat update accepts arbitrary chat fields across department boundaries | EPSS 0.3%
CVE-2026-46717 | HIGH | Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification | EPSS 0.3%
CVE-2026-44735 | MEDIUM | OpenProject: Shares API Information Disclosure | EPSS 0.3%
CVE-2026-25811 | MEDIUM | PlaciPy Email Domain Trust Enables Cross-Tenant Data Access (Multi-Tenant Isolation Failure) | EPSS 0.3%
CVE-2026-4857 | HIGH | SailPoint IdentityIQ Debug UI Incorrect Authorization | EPSS 0.3%
CVE-2020-1729 | — | A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially | EPSS 0.3%
CVE-2025-49145 | HIGH | iTop admin can drop iTop database using webhooks | EPSS 0.3%
CVE-2020-36623 | MEDIUM | Pengu index.js runApp cross-site request forgery | EPSS 0.3%
CVE-2026-32597 | HIGH | PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation) | EPSS 0.3%
CVE-2026-32001 | MEDIUM | OpenClaw < 2026.2.22 - Node Role Device-Identity Bypass via WebSocket Authentication | EPSS 0.3%
CVE-2025-3647 | MEDIUM | Moodle: idor when accessing the cohorts report | EPSS 0.3%