CWE-284 vulnerabilities

4,364 results
CVE-2021-32652 (HIGH): Missing permission check on email metadata retrieval [EPSS 1.1%]
CVE-2019-15590: An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where priv [EPSS 1.1%]
CVE-2021-40405 (HIGH): A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of Reolink RLC-410W v3.0.0.136_20121102. A specially [EPSS 1.1%]
CVE-2024-22026 (MEDIUM): A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execut [EPSS 1.1%]
CVE-2024-25169 (CRITICAL): An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request. [EPSS 1.1%]
CVE-2019-18275: OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to an improper access control, which may retu [EPSS 1.1%]
CVE-2023-21717 (HIGH): Microsoft SharePoint Server Elevation of Privilege Vulnerability [EPSS 1.1%]
CVE-2023-38297 (HIGH): An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain soft [EPSS 1.1%]
CVE-2021-28579 (MEDIUM): Adobe Connect improper access control could lead to privilege escalation [EPSS 1.1%]
CVE-2021-27653 (MEDIUM): Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure. [EPSS 1.1%]
CVE-2019-10130 (LOW): A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x [EPSS 1.1%]
CVE-2025-27744 (HIGH): Microsoft Office Elevation of Privilege Vulnerability [EPSS 1.1%]
CVE-2023-29924 (CRITICAL): PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution. [EPSS 1.1%]
CVE-2019-5474: An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overrid [EPSS 1.1%]
CVE-2025-44654 (CRITICAL): In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized acces [EPSS 1.1%]
CVE-2023-47539 (CRITICAL): An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may al [EPSS 1.1%]
CVE-2019-3794 (MEDIUM): UAA - Login app subject to clickjacking attack [EPSS 1.1%]
CVE-2020-10612: Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is [EPSS 1.1%]
CVE-2022-20859 (MEDIUM): Cisco Unified Communications Products Access Control Vulnerability [EPSS 1.1%]
CVE-2021-21431 (HIGH): Improper Input Validation in sopel-plugins.channelmgnt [EPSS 1.1%]