Falhas do tipo CWE-284
4.370 resultadosCVE-2024-0414MEDIUMDeShang DSCMS install.php access controlEPSS 0.8%CVE-2021-1410MEDIUMCisco Webex Meetings Unauthorized Distribution List Update VulnerabilityEPSS 0.8%CVE-2019-1647HIGHCisco SD-WAN Solution Unauthorized Access VulnerabilityEPSS 0.8%CVE-2024-13067MEDIUMCodeAstro Online Food Ordering System All Users Page all_users.php access controlEPSS 0.8%CVE-2024-1701MEDIUMkeerti1924 PHP-MYSQL-User-Login-System edit.php access controlEPSS 0.8%CVE-2024-23271HIGHA logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3EPSS 0.8%CVE-2021-40414HIGHAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_201EPSS 0.8%CVE-2021-40415HIGHAn incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of reolink RLC-410W v3.0.0.136_201EPSS 0.8%CVE-2023-2979MEDIUMAbstrium Pydio Cells User Creation access controlEPSS 0.8%CVE-2021-25991MEDIUMifme - Improper Access Control leads to admin deactivationEPSS 0.8%CVE-2023-35927HIGHNextcloud system addressbooks can be modified by malicious trusted serverEPSS 0.8%CVE-2021-42116MEDIUMUnauthorized Menu Item Access in TopEaseEPSS 0.8%CVE-2020-3522MEDIUMCisco Data Center Network Manager Authorization Bypass VulnerabilityEPSS 0.8%CVE-2017-18035—The /rest/review-coverage-chart/1.0/data/<repository_name>/.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 wEPSS 0.8%CVE-2024-30261LOWUndici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrectEPSS 0.8%CVE-2023-39952MEDIUMAdvanced permissions not respected when copying entire group foldersEPSS 0.8%CVE-2024-28405HIGHSEMCMS 4.8 is vulnerable to Incorrect Access Control. The code installs SEMCMS_Funtion.php before checking if the admin is a valid user in tEPSS 0.8%CVE-2022-1659MEDIUMJupiterX Core <= 2.0.6 - Information Disclosure, Modification, and Denial of ServiceEPSS 0.8%CVE-2023-2670MEDIUMSourceCodester Lost and Found Information System access controlEPSS 0.8%CVE-2021-32753HIGHWeak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.EPSS 0.8%