Fallos del tipo CWE-284
4394 resultadosCVE-2024-25120MEDIUMImproper Access Control of Resources Referenced by t3:// URI Scheme in TYPO3EPSS 0.5%CVE-2025-21337LOWWindows NTFS Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2026-35904CRITICALIncorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 alloEPSS 0.5%CVE-2025-43413HIGHAn access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, mEPSS 0.5%CVE-2024-42797CRITICALAn Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. ThiEPSS 0.5%CVE-2025-28403HIGHAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the reqEPSS 0.5%CVE-2023-6785MEDIUMDownload Manager <= 3.2.84 - Missing AuthorizationEPSS 0.5%CVE-2024-0687MEDIUMRestrict User Access – Ultimate Membership & Content Protection <= 2.5 - Information ExposureEPSS 0.5%CVE-2020-27831—A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repositoryEPSS 0.5%CVE-2023-29051HIGHUser-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable theEPSS 0.5%CVE-2022-43494HIGH
An unauthorized user could be able to read any file on the system, potentially exposing sensitive information.
EPSS 0.5%CVE-2023-35167MEDIUMWhen setting EntityOptions.apiPrefilter to a function, the filter is not applied to API requests for a resource by IdEPSS 0.5%CVE-2023-32333MEDIUMIBM Maximo Asset Management improper access controlEPSS 0.5%CVE-2019-1805MEDIUMCisco Wireless LAN Controller Secure Shell Unauthorized Access VulnerabilityEPSS 0.5%CVE-2024-53496CRITICALIncorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentiEPSS 0.5%CVE-2022-0143CRITICALLDAP Connector: When startTLS is used then LDAP connector ignores the wrong passwordEPSS 0.5%CVE-2021-28129—DEB packaging for Apache OpenOffice 4.1.8 installed with a non-root userid and groupidEPSS 0.5%CVE-2026-42074CRITICALOpenClaude: Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` InputEPSS 0.5%CVE-2026-2148MEDIUMTenda AC21 Web Management DownloadFlash information disclosureEPSS 0.5%CVE-2024-8779HIGHThe SYSCOM Group OMFLOW - Broken Access ControlEPSS 0.5%