CWE-269 vulnerabilities
1,785 results

CVE-2022-38378 | MEDIUM | An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 thr | EPSS 0.2%
CVE-2025-31284 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to | EPSS 0.2%
CVE-2024-40781 | HIGH | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local | EPSS 0.2%
CVE-2025-31283 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator | EPSS 0.2%
CVE-2025-8309 | HIGH | User privilege escalation vulnerability | EPSS 0.2%
CVE-2025-31285 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator | EPSS 0.2%
CVE-2026-10868 | CRITICAL | MISP user edit endpoint mass assignment vulnerability allows unauthorized user account modification | EPSS 0.2%
CVE-2023-24509 | CRITICAL | On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ... | EPSS 0.2%
CVE-2025-53030 | MEDIUM | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7. | EPSS 0.2%
CVE-2023-48419 | CRITICAL | An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in EoP | EPSS 0.2%
CVE-2026-5193 | MEDIUM | Essential Addons for Elementor – Popular Elementor Templates & Widgets <= 6.5.13 - Authenticated (Author+) Limited Privilege Escalation via register_user | EPSS 0.2%
CVE-2024-41949 | LOW | biscuit-rust vulnerable to public key confusion in third party block | EPSS 0.2%
CVE-2025-31282 | MEDIUM | A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrat | EPSS 0.2%
CVE-2025-67781 | CRITICAL | An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Local unprivileged users can manipulate | EPSS 0.2%
CVE-2026-8157 | HIGH | Vitepos < 3.4.2 - Outlet Manager+ Privilege Escalation | EPSS 0.2%
CVE-2023-45083 | MEDIUM | HyperCloud: "admin" and "serveradmin" users can be deleted | EPSS 0.2%
CVE-2021-31359 | HIGH | Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability | EPSS 0.2%
CVE-2022-32794 | HIGH | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, m | EPSS 0.2%
CVE-2024-47770 | MEDIUM | Ability to view Agent list with no privilege access in wazuh-dashboard | EPSS 0.2%
CVE-2025-36904 | CRITICAL | WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384. | EPSS 0.2%