Fallos del tipo CWE-284
4457 resultadosCVE-2025-43371HIGHThis issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.EPSS 0.2%CVE-2023-25073MEDIUMImproper access control in some Intel(R) DSA software before version 23.4.33 may allow an authenticated user to potentially enable denial ofEPSS 0.2%CVE-2026-9590MEDIUMImproper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user withEPSS 0.2%CVE-2023-22848MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2023-47859MEDIUMImproper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to poEPSS 0.2%CVE-2024-33396HIGHAn issue in karmada-io karmada v1.9.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token coEPSS 0.2%CVE-2026-35066HIGHDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remEPSS 0.2%CVE-2026-46842MEDIUMVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.2%CVE-2025-43208MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive EPSS 0.2%CVE-2025-31270MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protecteEPSS 0.2%CVE-2025-43325MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensEPSS 0.2%CVE-2025-43207MEDIUMThis issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive dataEPSS 0.2%CVE-2022-36374HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privilEPSS 0.2%CVE-2026-3932MEDIUMInsufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation resEPSS 0.2%CVE-2023-24481MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2025-61762MEDIUMVulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is EPSS 0.2%CVE-2026-56257HIGHCapgo - Authorization Bypass in App Ownership Transfer via Direct PostgREST UpdateEPSS 0.2%CVE-2023-26585MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2025-65841MEDIUMAquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.EPSS 0.2%CVE-2024-3746MEDIUMMeasuresoft ScadaPro Improper Access ControlEPSS 0.2%