Falhas do tipo CWE-284
4.457 resultadosCVE-2026-48955MEDIUMJoomla! Core - [20260709] - Incorrect Access Control in com_workflowEPSS 0.2%CVE-2026-24711MEDIUMNorthern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control.EPSS 0.2%CVE-2025-13443MEDIUMmacrozheng mall delete access controlEPSS 0.2%CVE-2025-64706MEDIUMTypebot IDOR Vulnerability: Unauthorized API Token Deletion and ExposureEPSS 0.2%CVE-2026-48617LOWA flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation. This can lead to confideEPSS 0.2%CVE-2026-6313LOWInsufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer EPSS 0.2%CVE-2025-31269MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be ableEPSS 0.2%CVE-2022-34672HIGHNVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the secuEPSS 0.2%CVE-2026-44352MEDIUMFlowsint: Broken Access Control allows reading of sketch logs from any userEPSS 0.2%CVE-2026-40866HIGHHorilla: Unauthorized Document Overwrite via File Upload EndpointEPSS 0.2%CVE-2026-40867HIGHHorilla: Unauthorized Helpdesk Attachment Access via Attachment ID ManipulationEPSS 0.2%CVE-2023-38005MEDIUMImproper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[, ]EPSS 0.2%CVE-2026-22033HIGHLabel Studio vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys fieldEPSS 0.2%CVE-2026-24670MEDIUMOpen eClass Has Broken Access Control in Course Units Module Allows Students to Create UnitsEPSS 0.2%CVE-2026-12212MEDIUMhcengineering Huly Platform RPC operations.ts getMailboxSecret access controlEPSS 0.2%CVE-2024-41309HIGHAn issue in the Hardware info module of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gaEPSS 0.2%CVE-2026-4027HIGHFlexNet Manager Suite Attachment File DisclosureEPSS 0.2%CVE-2026-24668MEDIUMOpen eClass Broken Access Control Allows Students to Add Content to Course UnitsEPSS 0.2%CVE-2024-41308HIGHAn issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-EPSS 0.2%CVE-2025-43241MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS VenturEPSS 0.2%