Flaws of type CWE-863

2,110 results
CVE-2023-34147: An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacke (EPSS 0.2%)
CVE-2023-3586 [MEDIUM]: Disabling publicly-shared boards does not disable existing publicly available board links (EPSS 0.2%)
CVE-2026-53905 [MEDIUM]: Unauthorized Access to Administrator ACL View in MCO (EPSS 0.2%)
CVE-2025-40668 [HIGH]: Incorrect Authorization vulnerability in TCMAN GIM (EPSS 0.2%)
CVE-2026-22784 [LOW]: Lychee cross-album password propagation on Album unlocking (EPSS 0.2%)
CVE-2025-1472 [MEDIUM]: Unauthorized View Access to Site Statistics and Team Statistics (EPSS 0.2%)
CVE-2026-0831 [MEDIUM]: Templately <= 3.4.8 - Unauthenticated Limited Arbitrary JSON File Write (EPSS 0.2%)
CVE-2025-43459 [MEDIUM]: An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access (EPSS 0.2%)
CVE-2023-27899 [HIGH]: Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions (EPSS 0.2%)
CVE-2026-35657 [HIGH]: OpenClaw < 2026.3.25 - Authorization Bypass in HTTP Session History Route (EPSS 0.2%)
CVE-2026-4933 [HIGH]: Unpublished Node Permissions - Critical - Access bypass - SA-CONTRIB-2026-029 (EPSS 0.2%)
CVE-2025-30750 [LOW]: Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and (EPSS 0.2%)
CVE-2022-31644 [HIGH]: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, esc (EPSS 0.2%)
CVE-2022-31646 [HIGH]: Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, esc (EPSS 0.2%)
CVE-2026-3573 [HIGH]: AI (Artificial Intelligence) - Moderately critical - Information Disclosure - SA-CONTRIB-2026-028 (EPSS 0.2%)
CVE-2025-68153 [HIGH]: Juju: Resource poisoning (EPSS 0.2%)
CVE-2026-3115 [MEDIUM]: Guest users can view group member IDs without respecting view restrictions (EPSS 0.2%)
CVE-2022-3024 [MEDIUM]: Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS (EPSS 0.2%)
CVE-2026-32717 [LOW]: AnythingLLM access control bypass: suspended users can continue using Browser Extension API keys (EPSS 0.2%)
CVE-2026-41232 [MEDIUM]: Froxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email Spoofing (EPSS 0.2%)