Fallos del tipo CWE-269
1785 resultadosCVE-2024-22237HIGHAria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for NetworksEPSS 0.2%CVE-2025-24838HIGHImproper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow aEPSS 0.2%CVE-2021-25657HIGHAvaya IP Office Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-3809HIGHPotential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary EPSS 0.2%CVE-2021-3808HIGHPotential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary EPSS 0.2%CVE-2026-6898HIGHWishList Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Generate API Secret Key via 'wlm3_generate_api_key' AJAX actionEPSS 0.2%CVE-2026-6897HIGHWishlist Member <= 3.30.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Options Update via 'wishlistmember_team_accounts_save_settings' AJAX actionEPSS 0.2%CVE-2023-52431HIGHThe Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form valEPSS 0.2%CVE-2022-32826HIGHAn authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, EPSS 0.2%CVE-2026-9918CRITICALInappropriate implementation in Tint in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escEPSS 0.2%CVE-2022-47505HIGHSolarWinds Platform Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2024-56447HIGHVulnerability of improper permission control in the window management module
Impact: Successful exploitation of this vulnerability may affecEPSS 0.2%CVE-2023-52337HIGHAn improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent EPSS 0.2%CVE-2025-68697HIGHSelf-hosted n8n has Legacy Code node that enables arbitrary file read/writeEPSS 0.2%CVE-2025-6759HIGHLocal Privilege escalation allows a low-privileged user to gain SYSTEM privilegesEPSS 0.2%CVE-2025-66314HIGHImproper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACEPSS 0.2%CVE-2021-25336LOWImproper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applicationEPSS 0.2%CVE-2022-32782MEDIUMThis issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. An app with root privileges may be able tEPSS 0.2%CVE-2023-38496MEDIUMApptainer's ineffective privileges drop when requesting container networkEPSS 0.2%CVE-2022-38378MEDIUMAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 thrEPSS 0.2%