Fallos del tipo CWE-284
4370 resultadosCVE-2022-31687CRITICALVMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to WorkspacEPSS 0.8%CVE-2023-39962HIGHUsers can delete external storage mount pointsEPSS 0.8%CVE-2022-39070CRITICALThere is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use tEPSS 0.8%CVE-2025-1355MEDIUMneedyamin Library Card System Add Picture signup.php unrestricted uploadEPSS 0.8%CVE-2022-23768HIGHNeo Information Sys. NIS-HAP11AC remote access and manipulation vulnerabilityEPSS 0.8%CVE-2023-24425MEDIUMJenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentiaEPSS 0.8%CVE-2023-6930CRITICALImproper Access Control in EuroTel ETL3100EPSS 0.8%CVE-2026-34234CRITICALCtrlPanel: Unauthenticated RCE using installer scriptEPSS 0.8%CVE-2021-40413HIGHAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_201EPSS 0.8%CVE-2026-5788HIGHAn Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to invokEPSS 0.8%CVE-2025-30693MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0EPSS 0.8%CVE-2022-4700MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme ActivationEPSS 0.8%CVE-2020-7531—A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to plaEPSS 0.8%CVE-2018-12546—In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to a topic, then has its access to that topEPSS 0.8%CVE-2021-25446—Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loaEPSS 0.8%CVE-2021-25448—Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview.EPSS 0.8%CVE-2024-13103MEDIUMD-Link DIR-816 A2 Virtual Service form2AddVrtsrv.cgi access controlEPSS 0.8%CVE-2024-0414MEDIUMDeShang DSCMS install.php access controlEPSS 0.8%CVE-2024-0413MEDIUMDeShang DSKMS install.php access controlEPSS 0.8%CVE-2024-11661MEDIUMCodezips Free Exam Hall Seating Management System Profile Image profile.php unrestricted uploadEPSS 0.8%