Fallos del tipo CWE-284

4451 resultados
CVE-2021-25405An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to aEPSS 0.2%CVE-2024-23266MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app EPSS 0.2%CVE-2026-45264MEDIUMNextcloud: ACL Rename Permission Bypass in Team Folders Allows Unauthorized File RenamesEPSS 0.2%CVE-2026-7238MEDIUMcode-projects Online Music Site AdminUpdateAlbum.php unrestricted uploadEPSS 0.2%CVE-2026-5141HIGHImproper Access Control in TUBITAK BILGEM's Pardus Software CenterEPSS 0.2%CVE-2023-21985HIGHVulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Supported versions that are affected are 10 and 11. EaEPSS 0.2%CVE-2026-49049HIGHJoomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handlerEPSS 0.2%CVE-2024-23267MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app EPSS 0.2%CVE-2025-53113LOWGLPI technicians can access unauthorized information through external linksEPSS 0.2%CVE-2025-20137MEDIUMA vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and CiscoEPSS 0.2%CVE-2026-28410MEDIUMThe Graph: Revocable vesting contracts allows early access to locked tokensEPSS 0.2%CVE-2025-62395MEDIUMMoodle: external cohort search service leaks system cohort dataEPSS 0.2%CVE-2026-46820HIGHVulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versionsEPSS 0.2%CVE-2026-11179HIGHInappropriate implementation in ORB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass site isolation via a craftedEPSS 0.2%CVE-2022-42717HIGHAn issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the hosEPSS 0.2%CVE-2026-21982HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.EPSS 0.2%CVE-2022-42816MEDIUMA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to modify protected EPSS 0.2%CVE-2022-27838HIGHImproper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.EPSS 0.2%CVE-2026-33377HIGHDashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard AdminEPSS 0.2%CVE-2026-3268MEDIUMpsi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access controlEPSS 0.2%