Fallos del tipo CWE-284

4457 resultados
CVE-2023-32647MEDIUMImproper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2022-36442MEDIUMAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install aEPSS 0.2%CVE-2026-21961MEDIUMVulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer, EmplEPSS 0.2%CVE-2026-45154LOWNextcloud: Improper Access Control in CollectivesEPSS 0.2%CVE-2023-33875HIGHImproper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenEPSS 0.2%CVE-2023-31100HIGHImproper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects EPSS 0.2%CVE-2026-20259MEDIUMImproper Access Control in Splunk EnterpriseEPSS 0.2%CVE-2025-22844MEDIUMImproper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentialEPSS 0.2%CVE-2026-11257MEDIUMInappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions EPSS 0.2%CVE-2023-21465MEDIUMImproper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local filEPSS 0.2%CVE-2023-27303LOWImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-33415MEDIUMDiscourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content ExposureEPSS 0.2%CVE-2023-38561MEDIUMImproper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2022-30715MEDIUMImproper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.EPSS 0.2%CVE-2026-34082MEDIUMDify has IDOR in deleting someone else's chat conversationEPSS 0.2%CVE-2026-3934MEDIUMInsufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin poliEPSS 0.2%CVE-2025-70997HIGHA vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any useEPSS 0.2%CVE-2025-30690HIGHVulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. DiffiEPSS 0.2%CVE-2025-67789MEDIUMAn issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the coEPSS 0.2%CVE-2022-2225HIGHZero Trust Secure Web Gateway policies bypass using WARP client subcommandsEPSS 0.2%