CWE-269 vulnerabilities

1785 results
CVE-2022-38378 | MEDIUM | An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 thr | EPSS 0.2%
CVE-2024-40781 | HIGH | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local | EPSS 0.2%
CVE-2025-31283 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator | EPSS 0.2%
CVE-2026-10868 | CRITICAL | MISP user edit endpoint mass assignment vulnerability allows unauthorized user account modification | EPSS 0.2%
CVE-2025-31285 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator | EPSS 0.2%
CVE-2025-8309 | HIGH | User privilege escalation vulnerability | EPSS 0.2%
CVE-2025-31284 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to | EPSS 0.2%
CVE-2023-24509 | CRITICAL | On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ... | EPSS 0.2%
CVE-2026-5193 | MEDIUM | Essential Addons for Elementor – Popular Elementor Templates & Widgets <= 6.5.13 - Authenticated (Author+) Limited Privilege Escalation via register_user | EPSS 0.2%
CVE-2023-48419 | CRITICAL | An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in EoP | EPSS 0.2%
CVE-2025-53030 | MEDIUM | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7. | EPSS 0.2%
CVE-2025-67781 | CRITICAL | An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate | EPSS 0.2%
CVE-2024-41949 | LOW | biscuit-rust vulnerable to public key confusion in third party block | EPSS 0.2%
CVE-2025-31282 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrat | EPSS 0.2%
CVE-2026-8157 | HIGH | Vitepos < 3.4.2 - Outlet Manager+ Privilege Escalation | EPSS 0.2%
CVE-2023-45083 | MEDIUM | HyperCloud: "admin" and "serveradmin" users can be deleted | EPSS 0.2%
CVE-2021-31359 | HIGH | Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability | EPSS 0.2%
CVE-2022-32794 | HIGH | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, m | EPSS 0.2%
CVE-2025-36896 | CRITICAL | WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106. | EPSS 0.2%
CVE-2026-21963 | MEDIUM | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1. | EPSS 0.2%