Flaws of type CWE-269

1779 results
CVE | Severity | Description | EPSS
CVE-2024-1908 | MEDIUM | Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation | EPSS 0.6%
CVE-2023-36569 | HIGH | Microsoft Office Elevation of Privilege Vulnerability | EPSS 0.6%
CVE-2022-43749 | MEDIUM | Improper privilege management vulnerability in summary report management in Synology Presto File Server before 2.1.2-1601 allows remote auth | EPSS 0.6%
CVE-2023-41665 | HIGH | WordPress GiveWP plugin <= 2.33.0 - GiveWP Manager+ Privilege Escalation vulnerability | EPSS 0.6%
CVE-2024-27518 | HIGH | An issue in SUPERAntiSpyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers to escalate privileges via a restore of a c | EPSS 0.6%
CVE-2024-44076 | CRITICAL | In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access. | EPSS 0.6%
CVE-2024-9265 | CRITICAL | Echo RSS Feed Post Generator <= 5.4.6 - Unauthenticated Privilege Escalation | EPSS 0.6%
CVE-2022-41948 | MEDIUM | Privilege Chaining with the user admin role in dhis2-core | EPSS 0.6%
CVE-2024-33398 | HIGH | There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to im | EPSS 0.6%
CVE-2023-41957 | HIGH | WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability | EPSS 0.6%
CVE-2022-38065 | HIGH | A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissiv | EPSS 0.6%
CVE-2017-20037 | MEDIUM | SICUNET Access Controller privileges management | EPSS 0.6%
CVE-2024-35430 | HIGH | In ZKTeco ZKBio CVSecurity v6.1.1_R and earlier (fixed in 6.1.3_R) an authenticated user can bypass password checks while exporting data fro | EPSS 0.6%
CVE-2019-3786 | HIGH | BBR could run arbitrary scripts on deployment VMs | EPSS 0.6%
CVE-2024-3325 | HIGH | JasperReports Server Driver upload vulnerability | EPSS 0.6%
CVE-2024-31502 | HIGH | An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate privileges via a crafted POST request to /ad | EPSS 0.6%
CVE-2024-45041 | HIGH | External Secrets Operator vulnerable to privilege escalation | EPSS 0.6%
CVE-2024-21622 | MEDIUM | Craft CMS Privilege Escalation | EPSS 0.6%
CVE-2024-3470 | MEDIUM | Repository administrator can bypass organization's ruleset using deploy keys | EPSS 0.6%
CVE-2025-12485 | HIGH | Improper privilege management during pre-MFA cookie handling in Devolutions Server allows a low-privileged authenticated user to impersonate | EPSS 0.6%