Fallos del tipo CWE-269
1779 resultadosCVE-2026-46895CRITICALVulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core). Supported versions thEPSS 0.4%CVE-2024-5909MEDIUMCortex XDR Agent: Local Windows User Can Disable the AgentEPSS 0.4%CVE-2024-13058MEDIUMAuthenticated, non-admin users can create storage pools via the sifi APIEPSS 0.4%CVE-2023-44106—API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may cause features to perforEPSS 0.4%CVE-2023-44105—Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cEPSS 0.4%CVE-2024-3057CRITICALA flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.EPSS 0.4%CVE-2025-36729HIGHRACOM M!DGE2 Privilege Escalation via SDK Testing EndpointEPSS 0.4%CVE-2026-12165HIGHContest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' ParameterEPSS 0.4%CVE-2018-14828—Advantech WebAccess 8.3.1 and earlier has an improper privilege management vulnerability, which may allow an attacker to access those files EPSS 0.4%CVE-2022-34706HIGHWindows Local Security Authority (LSA) Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2026-5144HIGHBuddyPress Groupblog <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOREPSS 0.4%CVE-2024-11951CRITICALHomey Login Register <= 2.4.0 - Unauthenticated Privilege Escalation in homey_registerEPSS 0.4%CVE-2021-21430MEDIUMCreation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala codeEPSS 0.4%CVE-2025-44040HIGHAn issue in OrangeHRM v.5.7 allows an attacker to escalate privileges via UserService.php and the checkForOldHash function. Authentication dEPSS 0.4%CVE-2026-46921HIGHVulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM (component: Siebel Cloud Manager). Supported versions that EPSS 0.4%CVE-2026-46885HIGHVulnerability in the Siebel CRM Integration product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 17.0-26EPSS 0.4%CVE-2023-32194HIGHRancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'EPSS 0.4%CVE-2026-46964CRITICALVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). SEPSS 0.4%CVE-2026-46940HIGHVulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are affeEPSS 0.4%CVE-2024-12281CRITICALHomey <= 2.4.2 - Unauthenticated Privilege Escalation in homey_save_profileEPSS 0.4%