Fallos del tipo CWE-284
4457 resultadosCVE-2025-43332MEDIUMA file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.EPSS 0.2%CVE-2025-65796MEDIUMIncorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other EPSS 0.2%CVE-2022-36866MEDIUMImproper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(1EPSS 0.2%CVE-2022-36869MEDIUMImproper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the fiEPSS 0.2%CVE-2025-23277HIGHNVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outsidEPSS 0.2%CVE-2026-50744MEDIUMA bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a sessEPSS 0.2%CVE-2022-36865MEDIUMImproper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackersEPSS 0.2%CVE-2022-41621LOWImproper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable EPSS 0.2%CVE-2023-20587HIGHImproper
Access Control in System Management Mode (SMM) may allow an attacker access to
the SPI flash potentially leading to arbitrary code EPSS 0.2%CVE-2024-40858HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access ContEPSS 0.2%CVE-2026-14613MEDIUMKeycloak-services: keycloak-services: keycloak: fgap v2 role groups endpoint discloses hidden group metadata without group view permissionEPSS 0.2%CVE-2024-25576HIGHimproper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow a privileged user to enable escalation of EPSS 0.2%CVE-2025-69988MEDIUMBS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate wEPSS 0.2%CVE-2022-36867MEDIUMImproper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.EPSS 0.2%CVE-2026-3938MEDIUMInsufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the rendeEPSS 0.2%CVE-2025-43499MEDIUMThis issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOEPSS 0.2%CVE-2022-46279MEDIUMImproper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RELEASE may allow an authenticated user toEPSS 0.2%CVE-2026-50892MEDIUMIncorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers EPSS 0.2%CVE-2025-30138MEDIUMAn issue was discovered on G-Net Dashcam BB GONX devices. Managing Settings and Obtaining Sensitive Data and Sabotaging Car Battery can be pEPSS 0.2%CVE-2022-3746MEDIUMA potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevatEPSS 0.2%