Falhas do tipo CWE-284
4.356 resultadosCVE-2024-3765CRITICALXiongmai AHB7804R-MH-V2 Sofia Service access controlEPSS 1.2%CVE-2020-14312—A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat EnterpriseEPSS 1.2%CVE-2021-40404MEDIUMAn authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-EPSS 1.2%CVE-2021-1389MEDIUMCisco IOS XR and Cisco NX-OS Software IPv6 Access Control List Bypass VulnerabilityEPSS 1.2%CVE-2020-13675—Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, whEPSS 1.2%CVE-2022-0203HIGHImproper Access Control in crater-invoice/craterEPSS 1.2%CVE-2022-0133MEDIUMImproper Access Control in chocobozzz/peertubeEPSS 1.2%CVE-2017-9285MEDIUMLogin restrictions not applied when using ebaclient against NetIQ eDirectory EBA interfaceEPSS 1.2%CVE-2023-32632HIGHA command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted EPSS 1.2%CVE-2020-3245MEDIUMCisco Smart Software Manager On-Prem Improper Access Control VulnerabilityEPSS 1.2%CVE-2021-4361HIGHJobSearch WP Job Board <= 1.8.1 - Missing Authorization to Arbitrary Options UpdateEPSS 1.2%CVE-2021-32514HIGHQSAN Storage Manager - Improper Access Control Following via FirwareUpgrade functionEPSS 1.2%CVE-2021-0205MEDIUMJunos OS: MX Series: Dynamic filter fails to match IPv6 prefixEPSS 1.2%CVE-2024-43600HIGHMicrosoft Office Elevation of Privilege VulnerabilityEPSS 1.2%CVE-2020-36700HIGHPage Builder: KingComposer < 2.9.4 - Authorization Bypass due to Improper Access ControlEPSS 1.2%CVE-2025-58751LOWVite middleware may serve files starting with the same name with the public directoryEPSS 1.2%CVE-2019-6544—GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform EPSS 1.2%CVE-2026-42569CRITICALphpvms: /importer authorization bypass causing full database wipeEPSS 1.2%CVE-2024-21376CRITICALMicrosoft Azure Kubernetes Service Confidential Container Remote Code Execution VulnerabilityEPSS 1.2%CVE-2022-35689MEDIUMAdobe Commerce Improper Access Control Security feature bypassEPSS 1.2%