Fallos del tipo CWE-285
1302 resultadosCVE-2023-21452LOWImproper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.EPSS 0.1%CVE-2023-21422MEDIUMImproper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNSEPSS 0.1%CVE-2023-21423MEDIUMImproper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without pEPSS 0.1%CVE-2023-21436LOWImproper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.EPSS 0.1%CVE-2025-1078MEDIUMAppHouseKitchen AlDente Charge Limiter XPC Service com.apphousekitchen.aldente-pro.helper shouldAcceptNewConnection improper authorizationEPSS 0.1%CVE-2025-67603MEDIUMLack of client authorization allows arbitrary users to influence the firewall configurationEPSS 0.1%CVE-2023-21461MEDIUMImproper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turEPSS 0.1%CVE-2023-28973HIGHJunos OS Evolved: The 'sysmanctl' shell command allows a local user to gain access to some administrative actions EPSS 0.1%CVE-2026-35476HIGHInvenTree Affected by Privilege Escalation via APIEPSS 0.1%CVE-2022-45874MEDIUMHuawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain filEPSS 0.1%CVE-2024-42036LOWAccess permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service EPSS 0.1%CVE-2023-41819MEDIUM
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unEPSS 0.1%CVE-2025-46296MEDIUMAn authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access adminiEPSS 0.1%CVE-2025-43289MEDIUMA logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A maliciEPSS 0.1%CVE-2025-68712MEDIUMSpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentiEPSS 0.1%CVE-2025-40830HIGHA vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application does not have proper authorEPSS 0.1%CVE-2022-36857LOWImproper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application EPSS 0.1%CVE-2025-65107MEDIUMLangfuse SSO Account Takeover via CSRF or phishing attackEPSS 0.1%CVE-2026-46620MEDIUMe107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()EPSS 0.1%CVE-2026-13514LOWChess Play and Learn App com.chess AndroidManifest.xml backupEPSS 0.1%