Falhas do tipo CWE-863

2.110 resultados
CVE-2025-63687MEDIUMAn issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in file src/main/java/com/rymcu/forest/core/seEPSS 0.2%CVE-2024-44253MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app mEPSS 0.2%CVE-2026-1768MEDIUMA permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issEPSS 0.2%CVE-2024-48911MEDIUMOpenCanary Executes Commands From Potentially Writable Config FileEPSS 0.2%CVE-2025-11971MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2023-20880MEDIUMVMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can eEPSS 0.2%CVE-2025-30748MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions thEPSS 0.2%CVE-2026-6290HIGHVelociraptor Query() Plugin Misapplies Permissions To OrgsEPSS 0.2%CVE-2025-24500HIGHThe vulnerability allows an unauthenticated attacker to access information in PAM database.EPSS 0.2%CVE-2026-41189HIGHFreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threadsEPSS 0.2%CVE-2026-49824HIGHFission: Cross-namespace Environment reference via unvalidated EnvironmentRef in Function admission webhookEPSS 0.2%CVE-2023-27951MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An arcEPSS 0.2%CVE-2026-3210MEDIUMMaterial Icons - Moderately critical - Access bypass - SA-CONTRIB-2026-011EPSS 0.2%CVE-2023-6542HIGHImproper Export of Android Application Components in SAP EMARSYS SDK ANDROIDEPSS 0.2%CVE-2026-41908LOWOpenClaw < 2026.4.20 - Scope Enforcement Bypass in Assistant-Media RouteEPSS 0.2%CVE-2026-41381LOWOpenClaw < 2026.3.31 - Access Control Bypass in Discord Voice Manager via Channel AllowlistEPSS 0.2%CVE-2024-2321MEDIUMIncorrect Authorization in Multiple WSO2 Products Allows API Access via Refresh TokenEPSS 0.2%CVE-2026-25566HIGHWeKan < 8.19 Cross-board Card Move Without Destination AuthorizationEPSS 0.2%CVE-2026-44557MEDIUMOpen WebUI: Global Knowledge Base Enumeration via knowledge-bases Meta-CollectionEPSS 0.2%CVE-2024-39871MEDIUMA vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separatEPSS 0.2%