CWE-732 vulnerabilities

690 results
| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2023-35168 | MEDIUM | DataEase has a privilege bypass vulnerability | 0.6% |
| CVE-2023-32724 | CRITICAL | JavaScript engine memory pointers are directly available for Zabbix users for modification | 0.6% |
| CVE-2024-12149 | HIGH | Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Wind | 0.6% |
| CVE-2023-32990 | MEDIUM | A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to | 0.6% |
| CVE-2025-45150 | CRITICAL | Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying | 0.6% |
| CVE-2022-40298 | HIGH | Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found | 0.6% |
| CVE-2023-27095 | MEDIUM | Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to escalate privileges via the AddUser method of the Us | 0.6% |
| CVE-2023-32723 | HIGH | Inefficient permission check in class CControllerAuthenticationUpdate | 0.6% |
| CVE-2025-11921 | HIGH | iStat Menus 7.10.4 - Local Privilege Escalation | 0.6% |
| CVE-2024-7986 | MEDIUM | Rockwell Automation ThinManager® ThinServer™ Information Disclosure | 0.6% |
| CVE-2022-23143 | MEDIUM | ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high pe | 0.6% |
| CVE-2025-0066 | CRITICAL | Information Disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) | 0.6% |
| CVE-2025-30708 | HIGH | Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search and Register Users). Supported versions t | 0.5% |
| CVE-2024-57547 | HIGH | Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the F | 0.5% |
| CVE-2024-45497 | HIGH | Openshift-api: openshift-controller-manager/build: build process in openshift allows overwriting of node pull credentials | 0.5% |
| CVE-2023-24626 | MEDIUM | socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows loca | 0.5% |
| CVE-2022-36103 | HIGH | Talos worker join token can be used to get elevated access level to the Talos API | 0.5% |
| CVE-2023-40622 | CRITICAL | Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management) | 0.5% |
| CVE-2022-36800 | MEDIUM | Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission t | 0.5% |
| CVE-2022-42949 | HIGH | Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions. | 0.5% |