Flaws of type CWE-269

1775 results
CVE-2023-0872 [HIGH] ROLE_REST can be used to escalate to ROLE_ADMIN via /rest/users (EPSS 3.0%)
CVE-2026-25643 [CRITICAL] Frigate Affected by Authenticated Remote Command Execution (RCE) and Container Escape (EPSS 2.9%)
CVE-2019-7394 A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8 (EPSS 2.9%)
CVE-2024-6624 [CRITICAL] JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation (EPSS 2.9%)
CVE-2021-25337 [MEDIUM] Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read (EPSS 2.8%, KEV)
CVE-2023-26540 [CRITICAL] WordPress Houzez theme <= 2.7.1 - Privilege Escalation (EPSS 2.7%)
CVE-2023-26009 [CRITICAL] WordPress Houzez Login Register plugin <= 2.6.3 - Privilege Escalation (EPSS 2.7%)
CVE-2023-29350 [HIGH] Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability (EPSS 2.6%)
CVE-2020-8283 An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD version (EPSS 2.6%)
CVE-2020-8269 An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfix (EPSS 2.6%)
CVE-2020-15149 [CRITICAL] Account takeover in NodeBB (EPSS 2.4%)
CVE-2022-1770 [CRITICAL] Improper Privilege Management in polonel/trudesk (EPSS 2.4%)
CVE-2024-21324 [HIGH] Microsoft Defender for IoT Elevation of Privilege Vulnerability (EPSS 2.3%)
CVE-2023-39335 A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to imp (EPSS 2.3%)
CVE-2017-0358 [HIGH] ntfs-3g: Modprobe influence vulnerability via environment variables (EPSS 2.3%)
CVE-2018-13799 A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point (EPSS 2.3%)
CVE-2022-24812 [HIGH] FGAC API Key privilege escalation in Grafana (EPSS 2.2%)
CVE-2023-35674 [HIGH] In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead t (EPSS 2.2%, KEV)
CVE-2023-3467 [HIGH] Privilege Escalation to root administrator (nsroot) (EPSS 2.1%)
CVE-2023-30765 [HIGH] Delta Electronics InfraSuite Device Master Improper Access Control (EPSS 2.1%)