Fallos del tipo CWE-284
4383 resultadosCVE-2020-27873MEDIUMThis vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1EPSS 0.6%CVE-2025-7565MEDIUMLB-LINK BL-AC3600 Web Management Interface lighttpd.cgi geteasycfg information disclosureEPSS 0.6%CVE-2023-28844MEDIUMUser without download rights can download older version of that file in nextcloud serverEPSS 0.6%CVE-2022-1261MEDIUMMatrikon OPC Server Improper Access ControlEPSS 0.6%CVE-2016-4427—In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.EPSS 0.6%CVE-2025-45343CRITICALAn issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module iEPSS 0.6%CVE-2024-31964HIGHA vulnerability on Mitel 6800 Series and 6900 Series SIP Phones through 6.3 SP3 HF4, 6900w Series SIP Phone through 6.3.3, and 6970 ConferenEPSS 0.6%CVE-2024-21364CRITICALMicrosoft Azure Site Recovery Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2021-4338MEDIUM404 to 301 <= 3.0.7 - Missing Authorization to Redirect CreationEPSS 0.6%CVE-2024-25677HIGHIn Min before 1.31.0, local files are not correctly treated as unique security origins, which allows them to improperly request cross-originEPSS 0.6%CVE-2024-6737HIGH2100 TECHNOLOGY Electronic Official Document Management System - Broken Access ControlEPSS 0.6%CVE-2021-46270LOWJFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all available repositoryEPSS 0.6%CVE-2022-43110CRITICALVoltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system viaEPSS 0.6%CVE-2022-39310MEDIUMMalicious agent may be able to impersonate another agent in GoCDEPSS 0.6%CVE-2019-1690MEDIUMCisco Application Policy Infrastructure Controller IPv6 Link-Local Address VulnerabilityEPSS 0.6%CVE-2021-24635—Visual Link Preview < 2.2.3 - Unauthorised AJAX CallsEPSS 0.6%CVE-2024-28338HIGHA login bypass in TOTOLINK A8000RU V7.1cu.643_B20200521 allows attackers to login to Administrator accounts via providing a crafted session EPSS 0.6%CVE-2022-38546MEDIUMA DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker EPSS 0.6%CVE-2026-34444HIGHLupa has a Sandbox escape and RCE due to incomplete attribute_filter enforcement in getattr / setattrEPSS 0.6%CVE-2022-45937HIGHA vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions <EPSS 0.6%