Falhas do tipo CWE-270
26 resultadosCVE-2023-26475CRITICALXWiki Platform vulnerable to Remote Code Execution in AnnotationsEPSS 64.5%CVE-2021-3493HIGHThe overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities EPSS 44.0%KEVCVE-2023-25754CRITICALApache Airflow: Privilege escalation using airflow logsEPSS 2.3%CVE-2023-37912CRITICALXWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macroEPSS 1.2%CVE-2020-7019—In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a uEPSS 1.2%CVE-2019-14819HIGHA flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is asEPSS 1.0%CVE-2020-7020—Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search querEPSS 1.0%CVE-2020-1719—A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The hEPSS 0.6%CVE-2026-9560CRITICALPrivilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands wEPSS 0.6%CVE-2025-49581HIGHXWiki allows remote code execution through default value of wiki macro wiki-type parametersEPSS 0.5%CVE-2024-8641MEDIUMPrivilege Context Switching Error in GitLabEPSS 0.5%CVE-2024-37294MEDIUMAimeos denial of service vulnerability in SaaS and marketplace setupsEPSS 0.4%CVE-2024-12570MEDIUMPrivilege Context Switching Error in GitLabEPSS 0.4%CVE-2017-2663HIGHIt was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and cEPSS 0.4%CVE-2024-47173MEDIUMAimeos GraphQL API admin interface denial of service vulnerability in SaaS and marketplace setupsEPSS 0.3%CVE-2025-60721HIGHWindows Administrator Protection Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-55210LOWFreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional ScopesEPSS 0.3%CVE-2025-49583MEDIUMXWiki provides no warning when granting XWiki.Notifications.Code.NotificationEmailRendererClass admin rightEPSS 0.2%CVE-2024-51987MEDIUMHTTP Client uses incorrect token after refresh in Duende.AccessTokenManagement.OpenIdConnectEPSS 0.2%CVE-2024-36513HIGHA privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 alEPSS 0.2%