Fallos del tipo CWE-269

1775 resultados
CVE-2024-23537HIGHApache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.EPSS 1.1%CVE-2022-2317Simple Membership < 4.1.3 - Unauthenticated Membership Privilege EscalationEPSS 1.1%CVE-2022-24783CRITICALSandbox bypass leading to arbitrary code execution in DenoEPSS 1.1%CVE-2024-43199HIGHNagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user.EPSS 1.1%CVE-2023-31469HIGHApache StreamPipes: Privilege escalation through non-admin userEPSS 1.1%CVE-2023-36024HIGHMicrosoft Edge (Chromium-based) Elevation of Privilege VulnerabilityEPSS 1.1%CVE-2024-34370HIGHWordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 1.1%CVE-2025-7341CRITICALHT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File DeletionEPSS 1.1%CVE-2021-23885CRITICALPrivilege escalation vulnerability in McAfee Web Gateway (MWG) UIEPSS 1.1%CVE-2023-43317HIGHAn issue in Coign CRM Portal v.06.06 allows a remote attacker to escalate privileges via the userPermissionsList parameter in Session StoragEPSS 1.1%CVE-2026-0920CRITICALLA-Studio Element Kit for Elementor <= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameterEPSS 1.1%CVE-2023-27830CRITICALTightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted filEPSS 1.1%CVE-2023-4822MEDIUMGrafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations,EPSS 1.1%CVE-2021-3813MEDIUMImproper Privilege Management in chatwoot/chatwootEPSS 1.1%CVE-2022-39395CRITICALVela Insecure DefaultsEPSS 1.1%CVE-2022-1397HIGHAPI Privilege Escalation in alextselegidis/easyappointmentsEPSS 1.1%CVE-2022-41032HIGHNuGet Client Elevation of Privilege VulnerabilityEPSS 1.1%CVE-2022-39286HIGHExecution with Unnecessary Privileges in JupyterAppEPSS 1.1%CVE-2024-32418CRITICALAn issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component.EPSS 1.1%CVE-2023-26604HIGHsystemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in whichEPSS 1.1%