Flaws of type CWE-250
329 results

CVE-2024-27143 | CRITICAL | Pre-authenticated Remote Code Execution | EPSS 1.1%
CVE-2023-5207 | HIGH | Execution with Unnecessary Privileges in GitLab | EPSS 1.1%
CVE-2022-39286 | HIGH | Execution with Unnecessary Privileges in JupyterApp | EPSS 1.1%
CVE-2022-43553 | HIGH | A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account | EPSS 1.0%
CVE-2023-27010 | HIGH | Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to esc | EPSS 1.0%
CVE-2021-3576 | HIGH | Privilege escalation via SeImpersonatePrivilege | EPSS 0.9%
CVE-2023-32080 | CRITICAL | Wings vulnerable to escape to host from installation container | EPSS 0.9%
CVE-2023-1966 | HIGH | CVE-2023-1966 | EPSS 0.9%
CVE-2026-41900 | HIGH | OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment | EPSS 0.9%
CVE-2024-22017 | HIGH | setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform | EPSS 0.9%
CVE-2018-10856 | MEDIUM | It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This resul | EPSS 0.9%
CVE-2024-21003 | LOW | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions th | EPSS 0.9%
CVE-2022-40182 | — | A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), D | EPSS 0.9%
CVE-2025-5196 | HIGH | Wing FTP Server Lua Admin Console unnecessary privileges | EPSS 0.8%
CVE-2022-2634 | CRITICAL | Digi ConnectPort X2D | EPSS 0.8%
CVE-2019-16767 | MEDIUM | In EzMaster before 5.2.11 docker containers were executed with advanced privileges by default | EPSS 0.8%
CVE-2018-1087 | HIGH | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the | EPSS 0.8%
CVE-2022-44544 | CRITICAL | Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger | EPSS 0.8%
CVE-2026-42833 | CRITICAL | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | EPSS 0.7%
CVE-2024-20478 | MEDIUM | Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability | EPSS 0.7%