Fallos del tipo CWE-284

4459 resultados
CVE-2022-39860MEDIUMImproper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit EPSS 0.2%CVE-2023-24486MEDIUMLocal user access to a system where another user is utilizing a vulnerable version of Citrix Workspace App for Linux to launch published desktops and applicationsEPSS 0.2%CVE-2026-11210MEDIUMInappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary acceEPSS 0.2%CVE-2023-40161MEDIUMImproper access control in some Intel Unite(R) Client software before version 4.2.35041 may allow an authenticated user to potentially enablEPSS 0.2%CVE-2024-33396HIGHAn issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token coEPSS 0.2%CVE-2026-9590MEDIUMImproper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user withEPSS 0.2%CVE-2025-43371HIGHThis issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.EPSS 0.2%CVE-2023-37194MEDIUMA vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATEPSS 0.2%CVE-2023-22848MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2021-1113MEDIUMNVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification EPSS 0.2%CVE-2025-43407HIGHThis issue was addressed with improved entitlements. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS SeEPSS 0.2%CVE-2023-47859MEDIUMImproper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to poEPSS 0.2%CVE-2023-25073MEDIUMImproper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable denial ofEPSS 0.2%CVE-2025-43325MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensEPSS 0.2%CVE-2025-43207MEDIUMThis issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive dataEPSS 0.2%CVE-2025-43208MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive EPSS 0.2%CVE-2025-31270MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protecteEPSS 0.2%CVE-2022-36374HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privilEPSS 0.2%CVE-2026-46842MEDIUMVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.2%CVE-2023-24481MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%