Falhas do tipo CWE-284
4.370 resultadosCVE-2022-45936HIGHA vulnerability has been identified in Mendix Email Connector (All versions < V2.0.0). Affected versions of the module improperly handle accEPSS 0.7%CVE-2022-3382HIGHHIWIN Robot System Software version 3.3.21.9869 does not properly address the terminated command source. As a result, an attacker could crafEPSS 0.7%CVE-2022-3019HIGHImproper Access Control in tooljet/tooljetEPSS 0.7%CVE-2023-26770CRITICALTaskCafe 0.3.2 lacks validation in the Cookie value. Any unauthenticated attacker who knows a registered UserID can change the password of tEPSS 0.7%CVE-2024-10993MEDIUMCodezips Online Institute Management System manage_website.php unrestricted uploadEPSS 0.7%CVE-2023-24028CRITICALIn MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the decaying import function.EPSS 0.7%CVE-2021-25954MEDIUMImproper Access Control in “Dolibarr”EPSS 0.7%CVE-2025-24229HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A saEPSS 0.7%CVE-2022-33925MEDIUMDell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could pEPSS 0.7%CVE-2025-21213MEDIUMSecure Boot Security Feature Bypass VulnerabilityEPSS 0.7%CVE-2025-14749MEDIUMNingyuanda TC155 ONVIF PTZ Control device_service access controlEPSS 0.7%CVE-2021-34627MEDIUMWP Upload Restriction <= 2.2.3 - Missing Access Control in getSelectedMimeTypesByRole functionEPSS 0.7%CVE-2025-2218MEDIUMLoveCards LoveCardsV2 Setting other access controlEPSS 0.7%CVE-2023-24688MEDIUMAn issue in Mojoportal v2.7.0.0 allows an unauthenticated attacker to register a new user even if the Allow User Registrations feature is diEPSS 0.7%CVE-2024-12953MEDIUM1000 Projects Portfolio Management System MCA update_pd_process.php unrestricted uploadEPSS 0.7%CVE-2024-12954MEDIUM1000 Projects Portfolio Management System MCA update_ach.php unrestricted uploadEPSS 0.7%CVE-2021-4089MEDIUMImproper Access Control in snipe/snipe-itEPSS 0.7%CVE-2021-3062HIGHPAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect UsersEPSS 0.7%CVE-2025-25500HIGHAn issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capabEPSS 0.7%CVE-2022-31475MEDIUMWordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Read via Export function vulnerabilityEPSS 0.7%