Falhas do tipo CWE-284
4.373 resultadosCVE-2023-39743—lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.EPSS 0.7%CVE-2023-24905HIGHRemote Desktop Client Remote Code Execution VulnerabilityEPSS 0.7%CVE-2017-9513—Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated attackers to watch any CEPSS 0.7%CVE-2019-3779HIGHCloud Foundry Container Runtime allows a user to bypass security policy when talking to ETCDEPSS 0.7%CVE-2023-22807CRITICALCVE-2023-22807EPSS 0.7%CVE-2023-22285HIGHImproper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via networkEPSS 0.7%CVE-2025-51539MEDIUMEzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation EPSS 0.7%CVE-2022-0727MEDIUMImproper Access Control in chocobozzz/peertubeEPSS 0.7%CVE-2023-22487HIGHPost mentions can be used to read any post on the forum without access controlEPSS 0.7%CVE-2024-31846HIGHAn issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from aEPSS 0.7%CVE-2020-1732MEDIUMA flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption acrossEPSS 0.7%CVE-2020-5293MEDIUMImproper access control on product page with combinations, attachments and specific prices in PrestaShopEPSS 0.7%CVE-2022-41155MEDIUMWordPress iQ Block Country plugin <= 1.2.18 - Block BYPASS vulnerabilityEPSS 0.7%CVE-2020-5287MEDIUMImproper access control on customers search in PrestaShopEPSS 0.7%CVE-2020-5288MEDIUMImproper access control on product attributes page in PrestaShopEPSS 0.7%CVE-2026-21636MEDIUMA flaw in Node.js's permission model allows Unix Domain Socket (UDS) connections to bypass network restrictions when `--permission` is enablEPSS 0.7%CVE-2022-36024HIGHBots using py-cord as discord api wrapper are vulnerable to shutdowns through remote code executionEPSS 0.7%CVE-2024-45432HIGHOpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The EPSS 0.7%CVE-2023-23445HIGHImproper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows aEPSS 0.7%CVE-2023-36643HIGHIncorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow componEPSS 0.7%