Fallos del tipo CWE-284
4394 resultadosCVE-2023-21905MEDIUMVulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: Routing Hub). EPSS 0.6%CVE-2026-44277CRITICALA improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6EPSS 0.6%CVE-2023-35940HIGHGLPI vulnerable to unauthenticated access to Dashboard dataEPSS 0.6%CVE-2024-42559CRITICALAn issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providEPSS 0.6%CVE-2022-38377MEDIUMAn improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0EPSS 0.5%CVE-2025-15597MEDIUMDataease SQLBot API Endpoint assistant.py access controlEPSS 0.5%CVE-2022-34431MEDIUMDell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially explEPSS 0.5%CVE-2022-34894LOWIn JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted servicesEPSS 0.5%CVE-2024-38873MEDIUMAn issue was discovered in the friendlycaptcha_official (aka Integration of Friendly Captcha) extension before 0.1.4 for TYPO3. The extensioEPSS 0.5%CVE-2022-46678MEDIUM
Wyse Management Suite
3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit genEPSS 0.5%CVE-2022-46677MEDIUM
Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroupEPSS 0.5%CVE-2025-63225CRITICALThe Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critEPSS 0.5%CVE-2022-46755MEDIUM
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit generalEPSS 0.5%CVE-2022-46676MEDIUM
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users unEPSS 0.5%CVE-2022-47037HIGHSiklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.EPSS 0.5%CVE-2025-30707HIGHVulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). Supported versions that are affected arEPSS 0.5%CVE-2024-24485HIGHAn issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to obtain sensitive information via the GET EEP_DATEPSS 0.5%CVE-2019-10168HIGHThe virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept EPSS 0.5%CVE-2024-8164MEDIUMChengdu Everbrite Network Technology BeikeShop FileManagerController.php rename unrestricted uploadEPSS 0.5%CVE-2025-21337LOWWindows NTFS Elevation of Privilege VulnerabilityEPSS 0.5%