Falhas do tipo CWE-284
4.383 resultadosCVE-2023-33946LOWThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in differenEPSS 0.6%CVE-2025-0206MEDIUMcode-projects Online Shoe Store index.php access controlEPSS 0.6%CVE-2021-45074MEDIUMJFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low-privileged user is able to delete other known useEPSS 0.6%CVE-2022-23433MEDIUMImproper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08EPSS 0.6%CVE-2022-4567HIGHImproper Access Control in openemr/openemrEPSS 0.6%CVE-2025-53763CRITICALAzure Databricks Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2022-4684HIGHImproper Access Control in usememos/memosEPSS 0.6%CVE-2025-46816CRITICALgoshs route not protected, allows command executionEPSS 0.6%CVE-2023-21860MEDIUMVulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations). Supported versions that are affected EPSS 0.6%CVE-2023-27088HIGHfeiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform EPSS 0.6%CVE-2024-42967CRITICALIncorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains thEPSS 0.6%CVE-2022-44212MEDIUMIn GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.EPSS 0.6%CVE-2022-4709MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Kit ImportEPSS 0.6%CVE-2024-50945HIGHAn improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submiEPSS 0.6%CVE-2022-4708MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions ModificationEPSS 0.6%CVE-2022-4705MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template ActivationEPSS 0.6%CVE-2022-2630MEDIUMAn improper access control issue in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.4, all versions from 15.3 before 15.3EPSS 0.6%CVE-2024-46432HIGHTenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. An attacker can send a specially crafted HTTP POST request to the setEPSS 0.6%CVE-2025-3975MEDIUMScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosureEPSS 0.6%CVE-2025-59218CRITICALAzure Entra ID Elevation of Privilege VulnerabilityEPSS 0.6%