Fallos del tipo CWE-284
4356 resultadosCVE-2018-0436—Cisco Webex Teams Information Disclosure and Modification VulnerabilityEPSS 1.3%CVE-2020-10641—An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication.EPSS 1.3%CVE-2021-1243MEDIUMCisco IOS XR Software SNMP Management Plane Protection ACL Bypass VulnerabilityEPSS 1.3%CVE-2018-11456—A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device EPSS 1.3%CVE-2018-8922MEDIUMImproper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or fEPSS 1.3%CVE-2022-38743HIGHRockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerabilityEPSS 1.3%CVE-2023-46501CRITICALAn issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin passEPSS 1.3%CVE-2018-10612—In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryptiEPSS 1.3%CVE-2021-32517HIGHQSAN Storage Manager - Improper Access ControlEPSS 1.3%CVE-2016-9368—An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform reEPSS 1.3%CVE-2021-38457CRITICALAUVESY VersiondogEPSS 1.3%CVE-2023-1834CRITICALRockwell Automation Kinetix 5500 Vulnerable to Open Port ExploitationEPSS 1.3%CVE-2026-24300CRITICALAzure Front Door Elevation of Privilege VulnerabilityEPSS 1.3%CVE-2023-38167HIGHMicrosoft Dynamics 365 Business Central Elevation of Privilege VulnerabilityEPSS 1.2%CVE-2020-14504MEDIUMThe web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attackeEPSS 1.2%CVE-2022-25755—A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE XEPSS 1.2%CVE-2024-45489CRITICALArc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however (beEPSS 1.2%CVE-2023-36722MEDIUMActive Directory Domain Services Information Disclosure VulnerabilityEPSS 1.2%CVE-2026-4194MEDIUMD-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access controlEPSS 1.2%CVE-2021-24197—wpDataTables < 3.4.2 - Improper Access Control leading to Table Permission TakeoverEPSS 1.2%