Fallos del tipo CWE-284
4443 resultadosCVE-2019-1866LOWCisco Webex Business Suite Host Header Value Integrity VulnerabilityEPSS 0.3%CVE-2025-58337MEDIUMApache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode for doris-mcp-server MCP ServerEPSS 0.3%CVE-2025-30132CRITICALAn issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as an internal domain, creating a security riEPSS 0.3%CVE-2025-25950HIGHIncorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS)EPSS 0.3%CVE-2025-55240HIGHVisual Studio Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-4735MEDIUMCampcodes Sales and Inventory System product.php unrestricted uploadEPSS 0.3%CVE-2025-29421HIGHPerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function.EPSS 0.3%CVE-2023-45844HIGHThe vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android applEPSS 0.3%CVE-2025-49603CRITICALNorthern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control.EPSS 0.3%CVE-2025-28104CRITICALIncorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input.EPSS 0.3%CVE-2025-8344MEDIUMopenviglet shio ShStaticFileAPI.java shStaticFileUpload unrestricted uploadEPSS 0.3%CVE-2026-6201MEDIUMCodeAstro Online Job Portal Delete Job Posting job-delete.php access controlEPSS 0.3%CVE-2025-30140HIGHAn issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the Internal Domain Name. It uses an unregisteredEPSS 0.3%CVE-2021-3987MEDIUMImproper Access Control in janeczku/calibre-webEPSS 0.3%CVE-2025-7576MEDIUMTeledyne FLIR FB-Series O/FLIR FH-Series ID Production Tools production.html access controlEPSS 0.3%CVE-2025-57247CRITICALThe BATBToken smart contract (address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2, Compiler Version v0.8.26+commit.8a97fa7a) contains incorreEPSS 0.3%CVE-2024-9003MEDIUMJinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access controlEPSS 0.3%CVE-2024-38291HIGHIn XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation.EPSS 0.3%CVE-2019-1664HIGHCisco HyperFlex Software Unauthenticated Root Access VulnerabilityEPSS 0.3%CVE-2023-39972—Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.3%