Fallos del tipo CWE-269
1779 resultadosCVE-2024-22157CRITICALWordPress SalesKing plugin <= 1.6.15 - Unauthenticated Privilege Escalation vulnerabilityEPSS 0.6%CVE-2022-26795HIGHWindows Print Spooler Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2023-7080HIGHArbitrary remote code execution within wrangler dev Workers sandboxEPSS 0.6%CVE-2023-51425CRITICALWordPress Rencontre plugin <= 3.10.1 - Unauthenticated Account Takeover vulnerabilityEPSS 0.6%CVE-2021-37911HIGHThe management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any syEPSS 0.6%CVE-2024-29052HIGHWindows Storage Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2020-8290—Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack EPSS 0.6%CVE-2024-9941HIGHWPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.6%CVE-2023-39734—The leakage of the client secret in VISION MEAT WORKS TrackDiner10/10_mc Line v13.6.1 allows attackers to obtain the channel access token anEPSS 0.6%CVE-2026-2631CRITICALDatalogics Ecommerce Delivery < 2.6.60 - Unauthenticated Privilege EscalationEPSS 0.6%CVE-2021-34579HIGHPHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege ManagementEPSS 0.6%CVE-2025-0505CRITICALOn Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system stateEPSS 0.6%CVE-2023-39740—The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadEPSS 0.6%CVE-2023-39732—The leakage of the client secret in Tokueimaru_waiting Line 13.6.1 allows attackers to obtain the channel access token and send crafted broaEPSS 0.6%CVE-2023-41243HIGHWordPress WPvivid Backup Plugin plugin <= 0.9.90 - Privilege Escalation on Staging Environment vulnerabilityEPSS 0.6%CVE-2022-35291HIGHPrivilege escalation vulnerability in SAP SuccessFactors attachment API for Mobile Application(Android & iOS)EPSS 0.6%CVE-2025-12981CRITICALListee <= 1.1.6 - Unauthenticated Privilege EscalationEPSS 0.6%CVE-2022-32840HIGHThis issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app mayEPSS 0.6%CVE-2023-39733—The leakage of the client secret in TonTon-Tei Line v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast mEPSS 0.6%CVE-2022-41268HIGHIn some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200EPSS 0.6%