Fallos del tipo CWE-284

4457 resultados
CVE-2023-5543LOWMoodle: duplicating a bigbluebutton activity assigns the same meeting idEPSS 0.2%CVE-2021-38392MEDIUMImproper Access Control for Boston Scientific Zoom LatitudeEPSS 0.2%CVE-2023-50706MEDIUM Improper Access Control in EFACEC UC 500EEPSS 0.2%CVE-2026-35238MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0EPSS 0.2%CVE-2024-31859MEDIUMMember promoted to channel admin via playbooks run linking to channelEPSS 0.2%CVE-2025-27153MEDIUMEscalade GLPI Plugin Vulnerable to Improper Access ControlEPSS 0.2%CVE-2026-35239MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45, EPSS 0.2%CVE-2025-7487MEDIUMJoeyBling SpringBoot_MyBatisPlus upload SysFileController unrestricted uploadEPSS 0.2%CVE-2022-42853MEDIUMAn access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.1. An app may be able to modify proEPSS 0.2%CVE-2022-20728MEDIUMCisco Access Points VLAN Bypass from Native VLAN VulnerabilityEPSS 0.2%CVE-2025-66557MEDIUMNextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-ownersEPSS 0.2%CVE-2026-35236MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0EPSS 0.2%CVE-2026-56082HIGHCapgo - Unauthenticated Cross-Tenant Billing Log Tampering via public.record_build_time RPCEPSS 0.2%CVE-2023-39963HIGHMissing password confirmation when creating app passwordsEPSS 0.2%CVE-2026-35240MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.EPSS 0.2%CVE-2026-35237MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0EPSS 0.2%CVE-2025-63663HIGHIncorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to accEPSS 0.2%CVE-2025-11406MEDIUMkaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosureEPSS 0.2%CVE-2026-40603MEDIUMChartbrew: Incorrect Access Control in /api/project/dashboard/:brewName via same-team overrideEPSS 0.2%CVE-2025-63664HIGHIncorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackersEPSS 0.2%