Fallos del tipo CWE-284
4370 resultadosCVE-2024-37905HIGHImproper Access Control and Incorrect Authorization in github.com/goauthentik/authentikEPSS 0.8%CVE-2024-43456MEDIUMWindows Remote Desktop Services Tampering VulnerabilityEPSS 0.8%CVE-2025-7075MEDIUMBlackVue Dashcam 590X HTTP Endpoint upload.cgi unrestricted uploadEPSS 0.8%CVE-2023-1862HIGHRemote access to warp-svc.exe in Cloudflare WARPEPSS 0.8%CVE-2020-35497—A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name,EPSS 0.8%CVE-2025-62713HIGHKottster app reinitialization can be re-triggered allowing command injection in development modeEPSS 0.7%CVE-2014-8183HIGHIt was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An atEPSS 0.7%CVE-2024-1308HIGHWooCommerce Cloak Affiliate Links <= 1.0.33 - Missing Authorization to Unauthenticated Permalink ModificationEPSS 0.7%CVE-2023-30587HIGHA vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspectEPSS 0.7%CVE-2020-26077MEDIUMCisco IoT Field Network Director Improper Access Control VulnerabilityEPSS 0.7%CVE-2018-15372—Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass VulnerabilityEPSS 0.7%CVE-2022-44014MEDIUMAn issue was discovered in Simmeth Lieferantenmanager before 5.6. In the design of the API, a user is inherently able to fetch arbitrary SQLEPSS 0.7%CVE-2022-0405MEDIUMImproper Access Control in janeczku/calibre-webEPSS 0.7%CVE-2023-2903MEDIUMNFine Rapid Development Platform access controlEPSS 0.7%CVE-2020-2500CRITICALThis improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensEPSS 0.7%CVE-2021-1467MEDIUMCisco Webex Meetings for Android Avatar Modification VulnerabilityEPSS 0.7%CVE-2023-28645MEDIUMSecure view can be bypassed by using internal API endpoint in Nextcloud richdocumentsEPSS 0.7%CVE-2023-46712MEDIUMA improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacEPSS 0.7%CVE-2022-4331MEDIUMAn issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15EPSS 0.7%CVE-2023-0319MEDIUMAn issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5, all versions starting from 15.9 before 15.9.EPSS 0.7%