Fallos del tipo CWE-284

4409 resultados
CVE-2026-27591CRITICALWinter: Privilege escalation by authenticated backend usersEPSS 0.5%CVE-2025-64660HIGHGitHub Copilot and Visual Studio Code Remote Code Execution VulnerabilityEPSS 0.5%CVE-2026-35270CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.5%CVE-2024-20322MEDIUMA vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software couldEPSS 0.5%CVE-2025-1834MEDIUMzj1983 zz resolve unrestricted uploadEPSS 0.5%CVE-2024-24751MEDIUMBroken Access Control in Backend Module in sf_event_mgtEPSS 0.5%CVE-2023-1832MEDIUMImproper authorization check in the server componentEPSS 0.5%CVE-2023-33191MEDIUMkyverno seccomp control can be circumventedEPSS 0.5%CVE-2024-41250MEDIUMAn Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, whicEPSS 0.5%CVE-2022-32883MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS EPSS 0.5%CVE-2024-20675MEDIUMMicrosoft Edge (Chromium-based) Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2024-42775CRITICALAn Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allowEPSS 0.5%CVE-2023-5299HIGHFuji Electric Tellus Lite V-Simulator Improper Access ControlEPSS 0.5%CVE-2024-42772HIGHAn Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthentEPSS 0.5%CVE-2024-28016MEDIUMImproper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WGEPSS 0.5%CVE-2026-35319CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.5%CVE-2026-46880CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure Security). SupportedEPSS 0.5%CVE-2026-46797CRITICALVulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are aEPSS 0.5%CVE-2026-46890CRITICALVulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Marketing). Supported versions that are affected are EPSS 0.5%CVE-2026-35310CRITICALVulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.EPSS 0.5%