Fallos del tipo CWE-284
4444 resultadosCVE-2022-39870MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2019-6566—GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which EPSS 0.3%CVE-2022-39871MEDIUMImproper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2026-34733MEDIUMAVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI GuardEPSS 0.3%CVE-2025-53059MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Supported versions EPSS 0.3%CVE-2023-36638MEDIUMAn improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2EPSS 0.3%CVE-2025-1941CRITICALLock screen setting bypass in Firefox Focus for AndroidEPSS 0.3%CVE-2024-39274HIGHMalicious remote can add users to arbitrary teams and channelsEPSS 0.3%CVE-2026-28837HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.EPSS 0.3%CVE-2024-45313MEDIUMInsecure default setting for Server Pro installed via Overleaf toolkitEPSS 0.3%CVE-2020-8157—UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root accessEPSS 0.3%CVE-2025-8265MEDIUM299Ko CMS File Management view unrestricted uploadEPSS 0.3%CVE-2025-4538MEDIUMkkFileView fileUpload unrestricted uploadEPSS 0.3%CVE-2025-9406MEDIUMxuhuisheng lemon CmsArticleController.java uploadImage unrestricted uploadEPSS 0.3%CVE-2025-31494LOWAutoGPT allows cross-user sharing of node execution results through WebSockets APIEPSS 0.3%CVE-2025-10952MEDIUMgeyang ml-logger File server.py stream_handler information disclosureEPSS 0.3%CVE-2026-35271HIGHVulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Weblogic). Supported versions that are aEPSS 0.3%CVE-2025-8738MEDIUMzlt2000 microservices-platform Spring Actuator Interface actuator information disclosureEPSS 0.3%CVE-2025-5162MEDIUMH3C SecCenter SMP-E1114P02 importFile unrestricted uploadEPSS 0.3%CVE-2024-44219HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with rootEPSS 0.3%