Fallos del tipo CWE-284
4456 resultadosCVE-2025-48025MEDIUMIn Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an impropeEPSS 0.3%CVE-2021-34724MEDIUMCisco IOS XE SD-WAN Software Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-6489MEDIUMQueryMine sms Background Management addteacher.php unrestricted uploadEPSS 0.3%CVE-2026-5546MEDIUMCampcodes Complete Online Learning Management System Crud_model.php add_lesson unrestricted uploadEPSS 0.3%CVE-2026-1879MEDIUMHarvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted uploadEPSS 0.3%CVE-2025-25585HIGHIncorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024.07.04 allows unauthorized attackers to arbitEPSS 0.3%CVE-2023-24484MEDIUMA malicious user can cause log files to be written to a directory that they do not have permission to write to.EPSS 0.3%CVE-2025-7106MEDIUMAuthorization Bypass due to Incorrect Access Control in danny-avila/librechatEPSS 0.3%CVE-2025-53111MEDIUMGLPI exposes data to non-allowed usersEPSS 0.3%CVE-2026-48928MEDIUMA inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups.
This vulnerability affects allEPSS 0.3%CVE-2026-13933MEDIUMInsufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendeEPSS 0.3%CVE-2026-26183HIGHRemote Access Management service/API (RPC server) Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2023-21427MEDIUMImproper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.EPSS 0.3%CVE-2026-32138HIGHNEXULEAN API Key LeakEPSS 0.3%CVE-2025-63214MEDIUMAn issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6.5.0-9, allowing unauthorized attackers to EPSS 0.3%CVE-2023-27879MEDIUMImproper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable informEPSS 0.3%CVE-2024-46948MEDIUMNorthern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.EPSS 0.3%CVE-2025-32790MEDIUMDify Allows Insecure User Role Access Control for APP DSL ExportingEPSS 0.3%CVE-2025-64064HIGHPrimakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions before processing a PATCH request to modify tEPSS 0.3%CVE-2025-7051HIGHN-central Syslog Configuration Insecure Direct Object ReferenceEPSS 0.3%