Fallos del tipo CWE-284
4375 resultadosCVE-2023-5365—HP LIFE Android Mobile – Potential Escalation of Privilege, Information DisclosureEPSS 0.6%CVE-2020-7278HIGHMcAfee firewall rules not enforced correctlyEPSS 0.6%CVE-2020-8179—Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.EPSS 0.6%CVE-2023-28809HIGHSome access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user suEPSS 0.6%CVE-2022-46890MEDIUMWeak access control in NexusPHP before 1.7.33 allows a remote authenticated user to edit any post in the forum (this is caused by a lack of EPSS 0.6%CVE-2021-27598MEDIUMSAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data lEPSS 0.6%CVE-2019-1890HIGHCisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access VulnerabilityEPSS 0.6%CVE-2023-5833HIGHImproper Access Control in mintplex-labs/anything-llmEPSS 0.6%CVE-2024-36259HIGHImproper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensEPSS 0.6%CVE-2023-21846HIGHVulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected arEPSS 0.6%CVE-2023-21832HIGHVulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected arEPSS 0.6%CVE-2026-2550CRITICALEFM iptime A6004MX timepro.cgi commit_vpncli_file_upload unrestricted uploadEPSS 0.6%CVE-2024-0642CRITICALInadequate access control in C21 Live Encoder and Live MosaicEPSS 0.6%CVE-2024-0631MEDIUMDuitku Payment Gateway <= 2.11.6 - Missing Authorization via check_duitku_responseEPSS 0.6%CVE-2022-39406HIGHVulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft (component: Approval Framework). The supported verEPSS 0.6%CVE-2024-28390CRITICALAn issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a remote attacker to escalate privileges and obEPSS 0.6%CVE-2025-54603MEDIUMAn incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in unauthorized user creation or impersonationEPSS 0.6%CVE-2024-11214MEDIUMSourceCodester Best Employee Management System profile.php unrestricted uploadEPSS 0.6%CVE-2024-37289HIGHAn improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installatioEPSS 0.6%CVE-2024-0358MEDIUMDeShang DSO2O install.php access controlEPSS 0.6%