Fallos del tipo CWE-284

4435 resultados
CVE-2023-50928HIGH sandbox-accounts-for-events security misconfiguration leads to budget exceedEPSS 0.4%CVE-2024-45233HIGHAn issue was discovered in powermail extension through 12.3.5 for TYPO3. Several actions in the OutputController can directly be called, dueEPSS 0.4%CVE-2023-2861MEDIUMQemu: 9pfs: improper access control on special filesEPSS 0.4%CVE-2024-11045CRITICALCross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webuiEPSS 0.4%CVE-2026-46849HIGHVulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle PeopleSoft (component: Other). The supported version thEPSS 0.4%CVE-2026-42278HIGHUltraDAG: Smart Account Spending Policy Bypass via PocketsEPSS 0.4%CVE-2025-59703CRITICALEntrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the interEPSS 0.4%CVE-2024-2731MEDIUMImproper Access Control Issues Lead to Sensitive Data Exposure in MauticEPSS 0.4%CVE-2026-44926HIGHInfoScale CmdServer before 7.4.2 mishandles access control.EPSS 0.4%CVE-2023-49874MEDIUMIDOR when updating the tasks of a private playbook runEPSS 0.4%CVE-2024-11484MEDIUMCode4Berry Decoration Management System User Image update_image.php access controlEPSS 0.4%CVE-2024-23675MEDIUMSplunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection DeletionEPSS 0.4%CVE-2025-9296MEDIUMEmlog Pro blogger.php unrestricted uploadEPSS 0.4%CVE-2024-44571HIGHRELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php.EPSS 0.4%CVE-2025-7880MEDIUMMetasoft 美特软件 MetaCRM sendsms.jsp unrestricted uploadEPSS 0.4%CVE-2026-25231HIGHFileRise affected by an Unauthenticated File Read Due to Insufficient Access ControlEPSS 0.4%CVE-2021-1228HIGHCisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access VulnerabilityEPSS 0.4%CVE-2024-40531HIGHA mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user EPSS 0.4%CVE-2024-37279MEDIUMKibana Broken Access Control issueEPSS 0.4%CVE-2023-30969HIGHPalantir Tiles missing authentication on API endpointsEPSS 0.4%