CWE-863 vulnerabilities

2,111 results
CVE-2025-10696 [HIGH] OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list [EPSS 0.2%]
CVE-2025-11888 [LOW] ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.4 - Incorrect Authorization to Authenticated (Editor+) License Status Update [EPSS 0.2%]
CVE-2025-62189 [MEDIUM] LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create [EPSS 0.2%]
CVE-2024-24966 [MEDIUM] F5OS vulnerability [EPSS 0.2%]
CVE-2026-44681 [MEDIUM] Authlib: Open Redirect in Authlib OIDC Implicit/Hybrid Authorization [EPSS 0.2%]
CVE-2025-61830 [HIGH] Adobe Pass | Incorrect Authorization (CWE-863) [EPSS 0.2%]
CVE-2024-44172 [LOW] A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14 [EPSS 0.2%]
CVE-2025-53922 [LOW] Galette has access control bypass [EPSS 0.2%]
CVE-2025-43197 [MEDIUM] This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 1 [EPSS 0.2%]
CVE-2024-48544 [HIGH] Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3.0.3 allows attackers to access sensitive in [EPSS 0.2%]
CVE-2024-44301 [MEDIUM] The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malici [EPSS 0.2%]
CVE-2024-48546 [HIGH] Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows attackers to access sensitive information [EPSS 0.2%]
CVE-2024-40843 [MEDIUM] The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the f [EPSS 0.2%]
CVE-2026-58424 [HIGH] Permanent Fork PR Workflow Approval Gate Bypass [EPSS 0.2%]
CVE-2022-4014 [MEDIUM] FeehiCMS Post My Comment Tab cross-site request forgery [EPSS 0.2%]
CVE-2026-45081 [MEDIUM] Frappe HR: Permission Bypass in HRMS Leave Details API [EPSS 0.2%]
CVE-2025-69218 [HIGH] Discourse moderators can access admin-only reports exposing private upload URLs [EPSS 0.2%]
CVE-2026-55189 [HIGH] RustFS: FTP frontend skips IAM authorization on object reads [EPSS 0.2%]
CVE-2025-64753 [MEDIUM] grist-core has insufficient access control in endpoints for comparisons between documents and versions [EPSS 0.2%]
CVE-2026-0934 [LOW] Incorrect Authorization in GitLab [EPSS 0.2%]