Fallos del tipo CWE-282
28 resultadosCVE-2024-45104MEDIUMA valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device thrEPSS 0.2%CVE-2025-1112MEDIUMIBM OpenPages with Watson information disclosureEPSS 0.2%CVE-2025-67642MEDIUMJenkins HashiCorp Vault Plugin 371.v884a_4dd60fb_6 and earlier does not set the appropriate context for Vault credentials lookup, allowing aEPSS 0.2%CVE-2025-3629MEDIUMIBM InfoSphere Information Server file manipulationEPSS 0.2%CVE-2025-27254HIGHCWE-282 "Improper Ownership Management" in GE Vernova EnerVista UR Setup allows Authentication Bypass.
The software's startup authenticatioEPSS 0.2%CVE-2025-46416LOWThe Nix, Lix, and Guix package managers allow a bypass of build isolation in which a user can elevate their privileges to the build user accEPSS 0.2%CVE-2024-37999HIGHA vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted accounEPSS 0.1%CVE-2025-57732HIGHIn JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownershipEPSS 0.1%