Fallos del tipo CWE-284

4443 resultados
CVE-2025-7573MEDIUMLB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosureEPSS 0.3%CVE-2025-11026MEDIUMgivanz Vvveb Configuration File information disclosureEPSS 0.3%CVE-2024-46916HIGHDiebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before theEPSS 0.3%CVE-2025-7572MEDIUMLB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosureEPSS 0.3%CVE-2022-39865MEDIUMImproper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensiEPSS 0.3%CVE-2022-20696HIGHCisco SD-WAN vManage Software Unauthenticated Access to Messaging Services VulnerabilityEPSS 0.3%CVE-2022-39867MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39868MEDIUMImproper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive infEPSS 0.3%CVE-2022-39870MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39866MEDIUMImproper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitiEPSS 0.3%CVE-2026-40252MEDIUMBroken Access Control (IDOR) Leading to Cross-Tenant Application Access in FastGPTEPSS 0.3%CVE-2022-39869MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2024-42497MEDIUMInsufficient permissions checks on teamsEPSS 0.3%CVE-2026-2207MEDIUMWeKan Activity Publication activities.js LinkedBoardActivitiesBleed information disclosureEPSS 0.3%CVE-2025-50105HIGHVulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported veEPSS 0.3%CVE-2019-6566GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which EPSS 0.3%CVE-2022-39871MEDIUMImproper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2024-20951MEDIUMVulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versionsEPSS 0.3%CVE-2024-45313MEDIUMInsecure default setting for Server Pro installed via Overleaf toolkitEPSS 0.3%CVE-2026-28837HIGHA logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.EPSS 0.3%