Fallos del tipo CWE-284

4453 resultados
CVE-2023-50440MEDIUMZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI EPSS 0.2%CVE-2026-45043CRITICALRustFS: ImportIam Allows Creation of Backdoor Service Accounts Under Any Parent Including RootEPSS 0.2%CVE-2026-33377HIGHDashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard AdminEPSS 0.2%CVE-2021-25349MEDIUMUsing unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission viaEPSS 0.2%CVE-2025-30732MEDIUMVulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are afEPSS 0.2%CVE-2022-27838HIGHImproper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.EPSS 0.2%CVE-2024-32940MEDIUMImproper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial EPSS 0.2%CVE-2025-57758MEDIUMContao has improper access control in the back end votersEPSS 0.2%CVE-2024-47481MEDIUMDell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacEPSS 0.2%CVE-2021-42808MEDIUMThe Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions.EPSS 0.2%CVE-2021-25439Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android PEPSS 0.2%CVE-2024-53542MEDIUMIncorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 EPSS 0.2%CVE-2025-14052MEDIUMyoulaitech youlai-mall members getMemberById access controlEPSS 0.2%CVE-2024-36247MEDIUMImproper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service viEPSS 0.2%CVE-2026-7696MEDIUMAcrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform uploadH5Files unrestricted uploadEPSS 0.2%CVE-2025-53061MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions thEPSS 0.2%CVE-2025-52168MEDIUMIncorrect access control in the dynawebservice component of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows unauthenticated EPSS 0.2%CVE-2024-30148MEDIUMHCL Leap is affected by improper access controlEPSS 0.2%CVE-2024-29085MEDIUMImproper access control for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially eEPSS 0.2%CVE-2025-64483MEDIUMWazuh API – Agent Configuration Has Improper Access Control in Agent Enrollment EndpointEPSS 0.2%