CWE-284 vulnerabilities

4374 results
CVE-2023-47031 [CRITICAL, EPSS 0.6%] An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers
CVE-2022-25932 [HIGH, EPSS 0.6%] The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An a
CVE-2024-44313 [HIGH, EPSS 0.6%] TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized
CVE-2024-0626 [MEDIUM, EPSS 0.6%] WooCommerce Clover Payment Gateway <= 1.3.1 - Missing Authorization via callback_handler
CVE-2025-15082 [MEDIUM, EPSS 0.6%] TOZED ZLT M30s Web Management proc_post information disclosure
CVE-2026-5585 [MEDIUM, EPSS 0.6%] Tencent AI-Infra-Guard Task Detail Endpoint task_manager.go information disclosure
CVE-2024-43503 [HIGH, EPSS 0.6%] Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-12368 [HIGH, EPSS 0.6%] Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth
CVE-2023-38206 [MEDIUM, EPSS 0.6%] ColdFusion | Improper Access Control (CWE-284)
CVE-2024-23663 [HIGH, EPSS 0.6%] An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 all
CVE-2025-43192 [CRITICAL, EPSS 0.6%] A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-dr
CVE-2025-43198 [CRITICAL, EPSS 0.6%] This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able
CVE-2024-56889 [HIGH, EPSS 0.6%] Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management System v1.0 allows unauthorized attackers to
CVE-2026-31874 [CRITICAL, EPSS 0.6%] Taskosaur Improper Role Assignment via Parameter Manipulation in User Registration
CVE-2024-41249 [HIGH, EPSS 0.6%] An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which
CVE-2024-1011 [MEDIUM, EPSS 0.6%] SourceCodester Employee Management System Leave delete-leave.php access control
CVE-2024-24568 [MEDIUM, EPSS 0.6%] Suricata http2: header handling evasion
CVE-2024-37312 [MEDIUM, EPSS 0.6%] Nextcloud user_oidc app's ID4me feature is available even when disabled
CVE-2024-48955 [HIGH, EPSS 0.6%] Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the
CVE-2023-26473 [MEDIUM, EPSS 0.6%] XWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm