Fallos del tipo CWE-284

4443 resultados
CVE-2023-39972Extension - acymailing.com - Improper Access Control in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.3%CVE-2026-6201MEDIUMCodeAstro Online Job Portal Delete Job Posting job-delete.php access controlEPSS 0.3%CVE-2025-37137MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2025-20153MEDIUMCisco ESA mail BypassEPSS 0.3%CVE-2025-37125HIGHBroken access control vulnerability in Firewall Configuration Leads to Unauthorized Access to Internal Network ResourcesEPSS 0.3%CVE-2024-1144MEDIUMImproper Access Control at Alma Devklan BlogEPSS 0.3%CVE-2026-1813MEDIUMbolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted uploadEPSS 0.3%CVE-2025-67645HIGHOpenEMR Vulnerable to Broken Access Control in Profile Edit EndpointEPSS 0.3%CVE-2026-20883MEDIUMGitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information DisclosureEPSS 0.3%CVE-2023-20230MEDIUMA vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow anEPSS 0.3%CVE-2025-37136MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2024-56335HIGHPrivilege escalation allows organization groups to be updated/deleted if their UUID is known in vaultwardenEPSS 0.3%CVE-2026-41277HIGHFlowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)EPSS 0.3%CVE-2025-8171MEDIUMcode-projects Document Management System insert.php unrestricted uploadEPSS 0.3%CVE-2023-39941HIGHImproper access control in some Intel(R) SUR software before version 2.4.10587 may allow an unauthenticated user to potentially enable deniaEPSS 0.3%CVE-2025-37135MEDIUMAuthenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)EPSS 0.3%CVE-2024-42794MEDIUMKashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax.php?action=save_user.EPSS 0.3%CVE-2026-40474HIGHwger has Broken Access Control in the Global Gym Configuration Update EndpointEPSS 0.3%CVE-2025-20335MEDIUMCisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write VulnerabilityEPSS 0.3%CVE-2026-1197LOWMineAdmin downloadById information disclosureEPSS 0.3%