Fallos del tipo CWE-284
4457 resultadosCVE-2022-28778MEDIUMImproper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder asEPSS 0.2%CVE-2022-32946MEDIUMThis issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio usingEPSS 0.2%CVE-2022-28777MEDIUMImproper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CEPSS 0.2%CVE-2025-66223HIGHOpenObserve's Invite Token Lifecycle MisconfigurationEPSS 0.2%CVE-2025-15199MEDIUMcode-projects College Notes Uploading System userprofile.php unrestricted uploadEPSS 0.2%CVE-2026-13949MEDIUMInsufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentialEPSS 0.2%CVE-2025-27215HIGHAn Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsuEPSS 0.2%CVE-2025-47220MEDIUMA local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH, which EPSS 0.2%CVE-2026-0798LOWGitea Release Email Notifications Leak Private Repository Release Details After Access RevocationEPSS 0.2%CVE-2025-58055MEDIUMDiscourse AI Suggestions Contain Insecure Direct Object ReferenceEPSS 0.2%CVE-2024-12307MEDIUMFunction-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in UnifiedtransformEPSS 0.2%CVE-2020-7253MEDIUMImproper access control vulnerability in McAfee AgentEPSS 0.2%CVE-2022-27635HIGHImproper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enablEPSS 0.2%CVE-2025-43408LOWThis issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2EPSS 0.2%CVE-2026-45776MEDIUMOpen XDMoD has Broken Access Control via Client-Controlled Session VariableEPSS 0.2%CVE-2024-21805HIGHImproper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If thiEPSS 0.2%CVE-2023-44283HIGH
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concEPSS 0.2%CVE-2026-40904HIGHChartbrew: Incorrect Access Control in dataset and dataRequest routes via team-scoped permission checksEPSS 0.2%CVE-2025-69221MEDIUMLibreChat has Insufficient Access Control for Agent Permission QueriesEPSS 0.2%CVE-2026-44957MEDIUMA missing access control check when invoking various modify methods in the XML‑RPC API of Revive Adserver 6.0.6 and earlier. The API allowedEPSS 0.2%