Fallos del tipo CWE-284
4457 resultadosCVE-2026-55112HIGHA malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerEPSS 0.2%CVE-2022-37341HIGHImproper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privilegEPSS 0.2%CVE-2026-21984HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.EPSS 0.2%CVE-2026-28374MEDIUMIDOR in Annotations API allows unprivileged users to DELETE annotationEPSS 0.2%CVE-2026-2311MEDIUMIBM i is affected by a privilege escalation vulnerability in Web Administration GUI []EPSS 0.2%CVE-2025-43263HIGHThe issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sanEPSS 0.2%CVE-2025-57428MEDIUMDefault credentials in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to gain access to the debugEPSS 0.2%CVE-2021-25431—Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows unEPSS 0.2%CVE-2023-0012MEDIUMLocal Privilege Escalation in SAP Host Agent (Windows)EPSS 0.2%CVE-2026-48947MEDIUMJoomla! Core - [20260701] - Incorrect Access Control in com_media webservice endpointsEPSS 0.2%CVE-2026-35230HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.EPSS 0.2%CVE-2022-36443HIGHAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wirEPSS 0.2%CVE-2023-40070HIGHImproper access control in some Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable EPSS 0.2%CVE-2023-44290HIGH
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could pEPSS 0.2%CVE-2023-6968HIGHThe Moneytizer <= 9.6.3 - Cross-Site Request Forgery via multiple AJAX actionsEPSS 0.2%CVE-2023-44289HIGH
Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could EPSS 0.2%CVE-2026-56050MEDIUMWordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1882LOWi-Drive i11/i12 Device Setting improper access control for register interfaceEPSS 0.2%CVE-2023-45217HIGHImproper access control in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escEPSS 0.2%CVE-2022-23829HIGHA potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native SystEPSS 0.2%