Fallos del tipo CWE-284

4436 resultados
CVE-2025-28231CRITICALIncorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with AdministratEPSS 0.4%CVE-2025-12331MEDIUMWillow CMS add unrestricted uploadEPSS 0.4%CVE-2025-5428MEDIUMjuzaweb CMS Error Logs Page log-viewer access controlEPSS 0.4%CVE-2025-5429MEDIUMjuzaweb CMS Plugins Page install access controlEPSS 0.4%CVE-2023-52105HIGHThe nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability.EPSS 0.4%CVE-2025-5421MEDIUMjuzaweb CMS Plugin Editor Page editor access controlEPSS 0.4%CVE-2025-5423MEDIUMjuzaweb CMS General Setting Page general access controlEPSS 0.4%CVE-2024-30418HIGHVulnerability of insufficient permission verification in the app management module. Impact: Successful exploitation of this vulnerability wiEPSS 0.4%CVE-2025-6741HIGHImproper access control in secure message component in Devolutions Server allows an authenticated user to steal unauthorized entries via theEPSS 0.4%CVE-2025-5427MEDIUMjuzaweb CMS Permalinks Page permalinks access controlEPSS 0.4%CVE-2025-32796MEDIUMDify Allows Unauthorized APP Enable/Disable via APIEPSS 0.4%CVE-2024-0810MEDIUMInsufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a maEPSS 0.4%CVE-2025-5426MEDIUMjuzaweb CMS Menu Page menus access controlEPSS 0.4%CVE-2024-28967MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal maintenance RESTEPSS 0.3%CVE-2024-2880LOWImproper Access Control in GitLabEPSS 0.3%CVE-2024-28968MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for internal email and collectioEPSS 0.3%CVE-2025-8174MEDIUMcode-projects Voting System candidates_add.php unrestricted uploadEPSS 0.3%CVE-2024-28965MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API EPSS 0.3%CVE-2024-43397MEDIUMPotential unauthorized access issue in apollo-portalEPSS 0.3%CVE-2024-28966MEDIUMDell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal update REST API EPSS 0.3%