Falhas do tipo CWE-284
4.460 resultadosCVE-2026-4947HIGHInsecure Direct Object Reference (IDOR) Leading to Signature Forgery in Foxit eSignEPSS 0.2%CVE-2023-30768HIGHImproper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 00EPSS 0.2%CVE-2023-32458HIGH
Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded SeEPSS 0.2%CVE-2023-44248MEDIUMAn improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, 4.0 all mEPSS 0.2%CVE-2026-5230HIGHImproper Access Control in Mia Technologies' Pizzy LibraryEPSS 0.2%CVE-2026-36933MEDIUMAn issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test fEPSS 0.2%CVE-2023-31199HIGHImproper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enableEPSS 0.2%CVE-2025-43332MEDIUMA file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.EPSS 0.2%CVE-2025-23277HIGHNVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outsidEPSS 0.2%CVE-2025-65796MEDIUMIncorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other EPSS 0.2%CVE-2022-41621LOWImproper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable EPSS 0.2%CVE-2023-20587HIGHImproper
Access Control in System Management Mode (SMM) may allow an attacker access to
the SPI flash potentially leading to arbitrary code EPSS 0.2%CVE-2026-50744MEDIUMA bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a sessEPSS 0.2%CVE-2022-36866MEDIUMImproper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(1EPSS 0.2%CVE-2022-36869MEDIUMImproper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the fiEPSS 0.2%CVE-2022-36865MEDIUMImproper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackersEPSS 0.2%CVE-2024-40858HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access ContEPSS 0.2%CVE-2026-14613MEDIUMKeycloak-services: keycloak-services: keycloak: fgap v2 role groups endpoint discloses hidden group metadata without group view permissionEPSS 0.2%CVE-2022-36867MEDIUMImproper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.EPSS 0.2%CVE-2024-25576HIGHimproper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of EPSS 0.2%