CWE-284 vulnerabilities

4,335 results
CVE-2023-27350 (CRITICAL; EPSS 100.0%; KEV): This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentic
CVE-2019-1653 (HIGH; EPSS 99.9%; KEV): Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
CVE-2023-23752 (MEDIUM; EPSS 99.8%; KEV): [20230201] - Core - Improper access check in webservice endpoints
CVE-2023-29298 (HIGH; EPSS 99.8%; KEV): Adobe ColdFusion Improper Access Control Security feature bypass
CVE-2023-38205 (HIGH; EPSS 99.7%; KEV): ColdFusion Bypass - Vulnerability disclosure in ColdFusion | BYPASS CVE-2023-29298
CVE-2024-27348 (CRITICAL; EPSS 99.2%; KEV): Apache HugeGraph-Server: Command execution in gremlin
CVE-2012-4681 (CRITICAL; EPSS 98.5%; KEV): Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to
CVE-2024-20767 (HIGH; EPSS 98.5%; KEV): ColdFusion | Improper Access Control (CWE-284)
CVE-2013-0422 (CRITICAL; EPSS 97.6%; KEV): Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBean
CVE-2023-26360 (HIGH; EPSS 97.1%; KEV): Adobe ColdFusion Improper Access Control Arbitrary code execution
CVE-2022-0824 (HIGH; EPSS 97.0%): Improper Access Control to Remote Code Execution in webmin/webmin
CVE-2011-3544 (CRITICAL; EPSS 96.7%; KEV): Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remot
CVE-2023-24489 (CRITICAL; EPSS 95.1%; KEV): A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthent
CVE-2012-1723 (CRITICAL; EPSS 93.7%; KEV): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier,
CVE-2016-3427 (CRITICAL; EPSS 92.3%; KEV): Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to aff
CVE-2012-5076 (CRITICAL; EPSS 91.0%; KEV): Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers t
CVE-2025-12480 (CRITICAL; EPSS 90.4%; KEV): Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even
CVE-2014-3120 (HIGH; EPSS 88.6%; KEV): The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL exp
CVE-2026-35616 (CRITICAL; EPSS 88.5%; KEV): An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unau
CVE-2020-8193 (MEDIUM; EPSS 88.4%; KEV): Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and C