Falhas do tipo CWE-276
905 resultadosCVE-2025-48950MEDIUMMaxKB Python Sandbox Bypass in Function LibraryEPSS 0.4%CVE-2021-40396HIGHA privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1.1.7. A specially-crafted file can be replacEPSS 0.4%CVE-2022-20452HIGHIn initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lEPSS 0.4%CVE-2021-40388HIGHA privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to EPSS 0.4%CVE-2021-40389HIGHA privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be reEPSS 0.4%CVE-2020-8026HIGHinn: non-root owned filesEPSS 0.4%CVE-2023-46870HIGHextcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1EPSS 0.4%CVE-2023-29131HIGHA vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the EPSS 0.4%CVE-2023-29058MEDIUMA valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass messageEPSS 0.4%CVE-2026-26131HIGH.NET Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2018-11453—A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA EPSS 0.4%CVE-2024-28058HIGHIn RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an iEPSS 0.4%CVE-2020-7004—VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in eEPSS 0.4%CVE-2024-21002LOWVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions thEPSS 0.4%CVE-2024-26302MEDIUMA vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low priviEPSS 0.4%CVE-2024-21004LOWVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions thEPSS 0.4%CVE-2023-52362HIGHPermission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability.EPSS 0.4%CVE-2024-45690HIGHMoodle: idor when deleting oauth2 linked accountsEPSS 0.4%CVE-2020-8933CRITICALPriviged Escalation in Google Cloud Platform's Guest-OSLoginEPSS 0.4%CVE-2025-46014HIGHSeveral services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistaEPSS 0.4%