Fallos del tipo CWE-284
4383 resultadosCVE-2022-45937HIGHA vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions <EPSS 0.6%CVE-2023-32279HIGHImproper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthentEPSS 0.6%CVE-2017-8447—An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has either 'delete' or 'index' permissions on an iEPSS 0.6%CVE-2025-1598MEDIUMSourceCodester Best Church Management Software asset_crud.php unrestricted uploadEPSS 0.6%CVE-2021-32584MEDIUMAn improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.EPSS 0.6%CVE-2019-1649MEDIUMCisco Secure Boot Hardware Tampering VulnerabilityEPSS 0.6%CVE-2024-36443HIGHSwissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP.EPSS 0.6%CVE-2023-43119—An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to EPSS 0.6%CVE-2018-1069—Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could overrEPSS 0.6%CVE-2022-42707HIGHIn Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible withoutEPSS 0.6%CVE-2023-2674HIGHImproper Access Control in openemr/openemrEPSS 0.6%CVE-2025-47884CRITICALIn Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values EPSS 0.6%CVE-2023-31138HIGHDHIS2 Core vulnerable to Improper Access Control with PATCH requestsEPSS 0.6%CVE-2026-24304CRITICALAzure Resource Manager Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-43717MEDIUMAdobe Experience Manager | Improper Access Control (CWE-284)EPSS 0.6%CVE-2024-43716MEDIUMAdobe Experience Manager | Improper Access Control (CWE-284)EPSS 0.6%CVE-2023-33947LOWThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virEPSS 0.6%CVE-2024-30059MEDIUMMicrosoft Intune for Android Mobile Application Management Tampering VulnerabilityEPSS 0.6%CVE-2023-33946LOWThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in differenEPSS 0.6%CVE-2023-49791MEDIUMWorkflows do not require password confirmation on API levelEPSS 0.6%