Fallos del tipo CWE-269
1775 resultadosCVE-2022-35780MEDIUMAzure Site Recovery Elevation of Privilege VulnerabilityEPSS 1.5%CVE-2022-35782MEDIUMAzure Site Recovery Elevation of Privilege VulnerabilityEPSS 1.5%CVE-2021-22801—A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configureEPSS 1.5%CVE-2023-32559HIGHA privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use EPSS 1.5%CVE-2022-1654HIGHJupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege EscalationEPSS 1.5%CVE-2023-27645CRITICALAn issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQEPSS 1.5%CVE-2020-24678HIGHPotential Privilege Escalation in Symphony PlusEPSS 1.5%CVE-2019-11280HIGHPrivilege escalation through the invitations serviceEPSS 1.5%CVE-2020-8223—A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than theyEPSS 1.5%CVE-2024-28247HIGHPihole Authenticated Arbitrary File Read with root privilegesEPSS 1.4%CVE-2024-8068MEDIUMPrivilege escalation to NetworkService Account accessEPSS 1.4%KEVCVE-2023-41954HIGHWordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerabilityEPSS 1.4%CVE-2025-59247HIGHAzure PlayFab Elevation of Privilege VulnerabilityEPSS 1.4%CVE-2021-43828HIGHImproper Privilege Management in PatrowlEPSS 1.4%CVE-2021-34810CRITICALImproper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated useEPSS 1.4%CVE-2024-45058HIGHPrivilege escalation in i-EducarEPSS 1.4%CVE-2024-37980HIGHMicrosoft SQL Server Elevation of Privilege VulnerabilityEPSS 1.4%CVE-2020-8247—Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 1EPSS 1.4%CVE-2020-15368MEDIUMAsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via aEPSS 1.3%CVE-2021-43860HIGHPermissions granted to applications can be hidden from the user at install timeEPSS 1.3%