Fallos del tipo CWE-284

4356 resultados

CVE-2020-29020CRITICALReject Remote Management via Cellular UPLINK2EPSS 1.7%CVE-2022-34255HIGHAdobe Commerce Improper Access Control Privilege escalationEPSS 1.7%CVE-2025-46628HIGHLack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attackeEPSS 1.7%CVE-2019-25060—WP-GraphQL < 0.3.5 - Improper Access ControlEPSS 1.7%CVE-2026-39364HIGHVite has a `server.fs.deny` bypass with queriesEPSS 1.7%CVE-2019-6810—CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions), which could causeEPSS 1.7%CVE-2023-24479CRITICALAn authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. A specially crafted networkEPSS 1.7%CVE-2021-25438—Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android PEPSS 1.7%CVE-2025-27134HIGHPrivilege escalation in Joplin server via user patch endpointEPSS 1.7%CVE-2021-21045HIGHAcrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege EscalationEPSS 1.7%CVE-2022-0541—Flo Launch < 2.4.1 - Missing Authentication Allow Full Site TakeoverEPSS 1.7%CVE-2021-22877—A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configurEPSS 1.7%CVE-2022-37393—Zimbra zmslapd arbitrary module loadEPSS 1.7%CVE-2024-38202HIGHWindows Update Stack Elevation of Privilege VulnerabilityEPSS 1.7%CVE-2019-10962—BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway WEPSS 1.7%CVE-2018-15459MEDIUMCisco Identity Services Engine Privilege Escalation VulnerabilityEPSS 1.7%CVE-2019-3567—In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder EPSS 1.7%CVE-2025-24989HIGHMicrosoft Power Pages Elevation of Privilege VulnerabilityEPSS 1.7%KEV CVE-2019-6520—Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuEPSS 1.7%CVE-2023-36890MEDIUMMicrosoft SharePoint Server Information Disclosure VulnerabilityEPSS 1.6%

← anteriorpágina 14 / 218siguiente →