Fallos del tipo CWE-280
145 resultadosCVE-2023-2020MEDIUMUnauthorized scheduling of downtimes via REST APIEPSS 0.4%CVE-2024-36112MEDIUMNautobot dynamic-group-members doesn't enforce permission restrictions on member objectsEPSS 0.4%CVE-2024-46874CRITICALRuijie Reyee OS Improper Handling of Insufficient Permissions or PrivilegesEPSS 0.4%CVE-2025-6573CRITICALGPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/OverwriteEPSS 0.4%CVE-2024-4468MEDIUMSalon booking system <= 9.9 - Missing AuthorizationEPSS 0.4%CVE-2025-8109HIGHGPU DDK - GPU shader shared memory corrupted using ptrace to disrupt GPU operationEPSS 0.4%CVE-2024-0015HIGHIn convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. EPSS 0.4%CVE-2025-67848HIGHMoodle: moodle: authentication bypass via lti provider allows suspended users to gain unauthorized access.EPSS 0.4%CVE-2025-49731LOWMicrosoft Teams Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-50170HIGHWindows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-52537HIGHVulnerability of package name verification being bypassed in the HwIms module.
Impact: Successful exploitation of this vulnerability will afEPSS 0.4%CVE-2024-30418HIGHVulnerability of insufficient permission verification in the app management module.
Impact: Successful exploitation of this vulnerability wiEPSS 0.4%CVE-2019-17437HIGHPAN-OS: Custom-role users may escalate privilegesEPSS 0.3%CVE-2024-12430HIGHAn attacker who successfully exploited these vulnerabilities could cause enable command execution. A vulnerability exists in the AC500 V3 veEPSS 0.3%CVE-2022-34368MEDIUMDell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or PrivilegEPSS 0.3%CVE-2024-43702HIGHGPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pagesEPSS 0.3%CVE-2024-35228MEDIUMImproper Handling of Insufficient Permissions in WagtailEPSS 0.3%CVE-2024-46988MEDIUMTuleap does not properly check permissions for email notifications in trackersEPSS 0.3%CVE-2025-24029MEDIUMArtifact permissions are not verified in the Cross Tracker Search widget in TuleapEPSS 0.3%CVE-2026-3190MEDIUMKeycloak: keycloak: information disclosure via improper role enforcement in uma 2.0 protection apiEPSS 0.3%