Fallos del tipo CWE-284

4453 resultados
CVE-2025-30759MEDIUMVulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Platform Security). Supported EPSS 0.2%CVE-2021-42855HIGHLocal privilege escalation due to misconfigured write permission on .debug_command.config fileEPSS 0.2%CVE-2026-14035MEDIUMInsufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitiEPSS 0.2%CVE-2025-53071MEDIUMVulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Upload Attachments). Supported versions tEPSS 0.2%CVE-2021-4016MEDIUMRapid7 Insight Agent Improper Access ControlEPSS 0.2%CVE-2025-11901HIGHAn uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B460, B560, B660, B760, H410, H510, H610, EPSS 0.2%CVE-2026-2852MEDIUMyeqifu warehouse Sales Endpoint SalesController.java deleteSales access controlEPSS 0.2%CVE-2025-53064MEDIUMVulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions thatEPSS 0.2%CVE-2026-11464LOWJeecgBoot User List Endpoint SysUserController.java queryPageList information disclosureEPSS 0.2%CVE-2026-55116CRITICALA malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerabilityEPSS 0.2%CVE-2023-24485HIGHPrivilege Escalation on the system running a vulnerable version of Citrix Workspace app for WindowsEPSS 0.2%CVE-2023-43086HIGH Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentiEPSS 0.2%CVE-2026-6312LOWInsufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the rendEPSS 0.2%CVE-2021-22682Cscape (All versions prior to 9.90 SP4) is configured by default to be installed for all users, which allows full permissions, including reaEPSS 0.2%CVE-2025-11163MEDIUMSmartCrawl SEO checker, analyzer & optimizer <= 3.14.3 - Missing Authorization to Plugin Settings UpdateEPSS 0.2%CVE-2026-4586MEDIUMCodePhiliaX Chat2DB JDBC Driver Upload JdbcDriverController.java upload unrestricted uploadEPSS 0.2%CVE-2026-40381HIGHAzure Connected Machine Agent Elevation of Privilege VulnerabilityEPSS 0.2%CVE-2026-34277MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are afEPSS 0.2%CVE-2023-27517MEDIUMImproper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547, 02.00.00.3915, 03.00.00.0483 may allow an aEPSS 0.2%CVE-2022-24923MEDIUMImproper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to loEPSS 0.2%