Falhas do tipo CWE-281
210 resultadosCVE-2024-3545MEDIUMImproper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and earlier on windows and DEPSS 0.3%CVE-2025-32696NONE"reupload-own" restriction can be bypassed by reverting fileEPSS 0.3%CVE-2022-48296MEDIUMThe SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasEPSS 0.3%CVE-2024-40824HIGHThis issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, wEPSS 0.3%CVE-2023-28647MEDIUMApp pin of the iOS app can be bypassed in Nextcloud iOSEPSS 0.3%CVE-2024-44223MEDIUMThis issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to aEPSS 0.3%CVE-2021-41089LOW`docker cp` allows unexpected chmod of host filesEPSS 0.3%CVE-2026-34600MEDIUMJoplin Server delta API returns note content after share access is revokedEPSS 0.3%CVE-2024-53994MEDIUMPotential bypass of chat permissions in DiscourseEPSS 0.3%CVE-2025-21541MEDIUMVulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens and Grants UI). Supported versions that aEPSS 0.3%CVE-2024-40828HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A malicEPSS 0.3%CVE-2024-37649MEDIUMInsecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and before allows a physically proximate attacker to obtEPSS 0.3%CVE-2024-54513MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18EPSS 0.3%CVE-2022-42260HIGHNVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VEPSS 0.3%CVE-2025-27703HIGHPrivilege escalation in the management console of Absolute Secure Access prior to version 13.54EPSS 0.3%CVE-2025-21544MEDIUMVulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security).EPSS 0.3%CVE-2022-4139HIGHAn incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or dataEPSS 0.3%CVE-2024-47270LOWImproper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9EPSS 0.2%CVE-2023-2993MEDIUMA valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limEPSS 0.2%CVE-2023-25646HIGHPermission and Access Control Vulnerability in ZTE H388XEPSS 0.2%