Vulnerabilities of type CWE-269

1780 results
CVE-2025-47849 | HIGH | Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain | EPSS 0.5%
CVE-2024-28904 | HIGH | Microsoft Brokering File System Elevation of Privilege Vulnerability | EPSS 0.5%
CVE-2025-29033 | HIGH | An issue in BambooHR Build v.25.0210.170831-83b08dd allows a remote attacker to escalate privileges via the /saml/index.php?r=" HTTP GET par | EPSS 0.5%
CVE-2025-47713 | HIGH | Apache CloudStack: Domain Admin can reset Admin password in Root Domain | EPSS 0.5%
CVE-2024-48730 | MEDIUM | The default configuration in ETSI Open-Source MANO (OSM) v.14.x, v.15.x, v.16.x, v.17.x does not impose any restrictions on the authenticati | EPSS 0.5%
CVE-2025-15030 | CRITICAL | User Profile Builder < 3.15.2 - Unauthenticated Arbitrary Password Reset | EPSS 0.5%
CVE-2024-55954 | HIGH | OpenObserve Improper Authorization Allows Admin User to Remove Root User | EPSS 0.5%
CVE-2026-5118 | CRITICAL | Divi Form Builder <= 5.1.2 - Unauthenticated Privilege Escalation via 'role' | EPSS 0.5%
CVE-2025-22937 | CRITICAL | An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via unspecified vectors. | EPSS 0.5%
CVE-2024-25106 | CRITICAL | OpenObserve Unauthorized Access Vulnerability in Users API | EPSS 0.5%
CVE-2024-8247 | HIGH | Newsletters <= 4.9.9.2 - Authenticated Privilege Escalation | EPSS 0.5%
CVE-2024-6482 | HIGH | Login with phone number <= 1.7.49 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation | EPSS 0.5%
CVE-2023-29166 | A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate pr | EPSS 0.5%
CVE-2025-46116 | HIGH | An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5. | EPSS 0.5%
CVE-2024-29150 | HIGH | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.0 | EPSS 0.5%
CVE-2020-13509 | MEDIUM | An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A special | EPSS 0.5%
CVE-2024-37455 | HIGH | WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability | EPSS 0.5%
CVE-2025-0180 | CRITICAL | WP Foodbakery <= 4.7 - Unauthenticated Privilege Escalation in foodbakery_registration_validation | EPSS 0.5%
CVE-2025-70888 | CRITICAL | An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c compon | EPSS 0.5%
CVE-2024-33872 | CRITICAL | Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of | EPSS 0.5%