Falhas do tipo CWE-284
4.370 resultadosCVE-2024-11961MEDIUMGuangzhou Huayi Intelligent Technology Jeewms WmOmNoticeHController.java preHandle information disclosureEPSS 0.9%CVE-2024-1114MEDIUMopenBI Screen.php dlfile access controlEPSS 0.9%CVE-2021-4352MEDIUMJobSearch WP Job Board <= 1.8.1 - Missing Authorization to Settings ChangeEPSS 0.9%CVE-2016-9599HIGHpuppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creaEPSS 0.9%CVE-2025-24411HIGHAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.9%CVE-2022-38184HIGHThere is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1EPSS 0.9%CVE-2023-24058MEDIUMBooked Scheduler 2.5.5 allows authenticated users to create and schedule events for any other user via a modified userId value to reservatioEPSS 0.9%CVE-2023-39349HIGHSentry vulnerable to privilege escalation via ApiTokensEndpointEPSS 0.8%CVE-2020-1604MEDIUMJunos OS: EX4300/EX4600/QFX3500/QFX5100 Series: Stateless IP firewall filter may fail to evaluate certain packetsEPSS 0.8%CVE-2024-0212HIGHCloudflare WordPress plugin enables information disclosure of Cloudflare API (for low privileged users)EPSS 0.8%CVE-2021-3967MEDIUMImproper Access Control in zulip/zulipEPSS 0.8%CVE-2023-36561HIGHAzure DevOps Server Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2022-20918HIGHA vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security AppliancEPSS 0.8%CVE-2022-45475MEDIUMTiny File Manager version 2.4.8 allows an unauthenticated remote attacker to access the application's internal files. This is possible becauEPSS 0.8%CVE-2017-8448—An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapped to certain built-in roles could creatEPSS 0.8%CVE-2021-45111HIGHImproper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to triggerEPSS 0.8%CVE-2019-6538CRITICALMedtronic Conexus Radio Frequency Telemetry Protocol Improper Access ControlEPSS 0.8%CVE-2021-28505HIGHOn affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.EPSS 0.8%CVE-2026-5215MEDIUMD-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access controlEPSS 0.8%CVE-2023-22920CRITICALA security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfEPSS 0.8%