Falhas do tipo CWE-284

4.458 resultados
CVE-2023-42969LOWAn app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOEPSS 0.2%CVE-2023-22618HIGHIf Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative EPSS 0.2%CVE-2026-56823MEDIUMAutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration and Cross-User Ping TriggeringEPSS 0.1%CVE-2025-46307MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user dEPSS 0.1%CVE-2026-35067MEDIUMDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjEPSS 0.1%CVE-2025-25225MEDIUMExtension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for JoomlaEPSS 0.1%CVE-2026-46768MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.1%CVE-2024-6364MEDIUMServer Identity Validation Bypass in Absolute Persistence®EPSS 0.1%CVE-2025-1390MEDIUMpam_cap: Fix potential configuration parsing errorEPSS 0.1%CVE-2023-21447MEDIUMImproper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with SamsungEPSS 0.1%CVE-2024-27200MEDIUMImproper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable eEPSS 0.1%CVE-2025-1865HIGHLocal Privilege Escalation in Virtual CloneDrive Kernel DriverEPSS 0.1%CVE-2024-39580MEDIUMDell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with locaEPSS 0.1%CVE-2023-21463MEDIUMImproper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.0EPSS 0.1%CVE-2025-50777HIGHThe firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerabEPSS 0.1%CVE-2024-39285MEDIUMImproper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable informationEPSS 0.1%CVE-2026-44783MEDIUMDiscourse: Replying to a whisper lets non-whisperers create staff-only whisper postsEPSS 0.1%CVE-2025-46282MEDIUMThe issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to acceEPSS 0.1%CVE-2026-14003MEDIUMInsufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a EPSS 0.1%CVE-2025-21105MEDIUMDell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access cEPSS 0.1%