Vulnerabilities of type CWE-284

4399 results
CVE-2023-22600 (CRITICAL, EPSS 0.5%): InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulner
CVE-2024-13201 (MEDIUM, EPSS 0.5%): wander-chu SpringBoot-Blog Admin Attachment AttachtController.java upload unrestricted upload
CVE-2025-30691 (MEDIUM, EPSS 0.5%): Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM
CVE-2026-25519 (HIGH, EPSS 0.5%): OpenSlides has incorrect access control vulnerability in authentication service
CVE-2023-41603 (MEDIUM, EPSS 0.5%): D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access
CVE-2026-33890 (HIGH, EPSS 0.5%): MyTube has an Unauthenticated Admin Privilege Escalation via Passkey Registration
CVE-2023-47422 (HIGH, EPSS 0.5%): An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX1
CVE-2025-55373 (MEDIUM, EPSS 0.5%): Incorrect access control in Beakon Application before v5.4.3 allows authenticated attackers with low-level privileges to escalate privileges
CVE-2024-5430 (MEDIUM, EPSS 0.5%): Improper Access Control in GitLab
CVE-2024-22415 (HIGH, EPSS 0.5%): Unsecured endpoints in the jupyter-lsp server extension
CVE-2025-63958 (CRITICAL, EPSS 0.5%): MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint (/MILLENSYS/settings) that is accessible without auth
CVE-2024-36068 (HIGH, EPSS 0.5%): An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network
CVE-2025-24435 (MEDIUM, EPSS 0.5%): Adobe Commerce | Improper Access Control (CWE-284)
CVE-2023-39244 (HIGH, EPSS 0.5%): DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. An
CVE-2023-32065 (MEDIUM, EPSS 0.5%): OroCommerce get-totals-for-checkout API endpoint returns unwanted data
CVE-2025-9772 (MEDIUM, EPSS 0.5%): RemoteClinic edit.php unrestricted upload
CVE-2025-10321 (MEDIUM, EPSS 0.5%): Wavlink WL-WN578W2 live_online.shtml information disclosure
CVE-2025-9775 (MEDIUM, EPSS 0.5%): RemoteClinic edit-my-profile.php unrestricted upload
CVE-2024-38909 (CRITICAL, EPSS 0.5%): Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories
CVE-2024-21665 (MEDIUM, EPSS 0.5%): Pimcore Ecommerce Framework Bundle Improper Access Control allows unprivileged user to access back-office orders list