Falhas do tipo CWE-284

4.428 resultados
CVE-2026-39386HIGHNeko has Self-service Privilege Escalation for Authenticated UsersEPSS 0.4%CVE-2023-29140MEDIUMAn issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. Attackers might be able to see edits for which the EPSS 0.4%CVE-2024-21084MEDIUMVulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected areEPSS 0.4%CVE-2018-0428A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elEPSS 0.4%CVE-2026-1117HIGHImproper Access Control in parisneo/lollmsEPSS 0.4%CVE-2025-3593MEDIUMZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted uploadEPSS 0.4%CVE-2021-24801WP Survey Plus <= 1.0 - Subscriber+ AJAX CallsEPSS 0.4%CVE-2024-1584MEDIUMAnalytify <= 5.2.1 - Missing Authorization to Unauthenticated Google Analytics Tracking ID ModificationEPSS 0.4%CVE-2024-41247CRITICALAn Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School ManEPSS 0.4%CVE-2022-2259MEDIUMIn affected versions of Octopus Deploy it is possible for a user to view Workerpools without being explicitly assigned permissions to view tEPSS 0.4%CVE-2024-47758HIGHGLPI vulnerable to account takeover without privilege escalation through the APIEPSS 0.4%CVE-2025-25004HIGHPowerShell Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2020-8973CRITICALZGR TPS200 NG Improper access controlEPSS 0.4%CVE-2019-5452Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content EPSS 0.4%CVE-2025-22940CRITICALIncorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to arbitrarily set the admin password.EPSS 0.4%CVE-2025-3978MEDIUMdazhouda lecms user_set.htm information disclosureEPSS 0.4%CVE-2023-5542LOWMoodle: students can view other users in "only see own membership" groupsEPSS 0.4%CVE-2025-7547MEDIUMCampcodes Online Movie Theater Seat Reservation System admin_class.php save_movie unrestricted uploadEPSS 0.4%CVE-2022-33924MEDIUMDell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to createEPSS 0.4%CVE-2021-24853QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status UpdateEPSS 0.4%