Fallos del tipo CWE-284
4443 resultadosCVE-2025-11440MEDIUMJhumanJ OpnForm edit access controlEPSS 0.3%CVE-2022-42859MEDIUMMultiple issues were addressed by removing the vulnerable code. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, watchOSEPSS 0.3%CVE-2024-29207HIGHAn Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system.
AffeEPSS 0.3%CVE-2025-64673HIGHWindows Storage VSP Driver Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-6837MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2024-43409MEDIUMGhost's improper authentication allows access to member information and actionsEPSS 0.3%CVE-2024-3127MEDIUMImproper Access Control in GitLabEPSS 0.3%CVE-2024-9157HIGHPrivilege Escalation Vulnerability in CxUIUSvc serviceEPSS 0.3%CVE-2020-8902LOWSSRF in RendertronEPSS 0.3%CVE-2025-6900MEDIUMcode-projects Library System add-book.php unrestricted uploadEPSS 0.3%CVE-2025-15448MEDIUMcld378632668 JavaMall MinioController.java upload unrestricted uploadEPSS 0.3%CVE-2026-27471CRITICALERP: Document access through endpoints due to missing validationEPSS 0.3%CVE-2025-55196HIGHExternal Secrets Operator Missing Namespace Restriction in PushSecret and SecretStore List() Calls Allows Unauthorized Secret AccessEPSS 0.3%CVE-2020-3396MEDIUMCisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation VulnerabilityEPSS 0.3%CVE-2020-1666MEDIUMJunos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnectionEPSS 0.3%CVE-2022-39864LOWImproper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitivEPSS 0.3%CVE-2026-35263CRITICALVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.2EPSS 0.3%CVE-2017-6016—An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The followingEPSS 0.3%CVE-2026-1963MEDIUMWeKan Attachment Storage attachments.js MoveStorageBleed access controlEPSS 0.3%CVE-2025-48707HIGHAn issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be sEPSS 0.3%