Fallos del tipo CWE-284

4457 resultados
CVE-2025-31212MEDIUMThis issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, EPSS 0.2%CVE-2022-37410HIGHImproper access control for some Intel(R) Thunderbolt driver software before version 89 may allow an authenticated user to potentially enablEPSS 0.2%CVE-2026-7373HIGHMetasploit Pro on Windows: Local Privilege Escalation via OpenSSL Configuration File LoadingEPSS 0.2%CVE-2022-3746MEDIUMA potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevatEPSS 0.2%CVE-2026-42158LOWFlowsint: Broken Access Control allows modification of investigation metadata from any userEPSS 0.2%CVE-2026-40874MEDIUMmailcow: dockerized missing authorization on Forwarding Hosts delete actionEPSS 0.2%CVE-2026-54015MEDIUMOpen WebUI: Prompt history IDOR: unbound history_id allows cross-prompt read and deletionEPSS 0.2%CVE-2025-43294LOWAn issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.EPSS 0.2%CVE-2025-27238LOWAPI hostprototype.get lists data to users with insufficient authorization.EPSS 0.2%CVE-2024-27792MEDIUMThis issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.4. An app may be able to acEPSS 0.2%CVE-2023-28051HIGH Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentiallyEPSS 0.2%CVE-2024-30146MEDIUMHCL Domino Leap is affected by improper access controlEPSS 0.2%CVE-2023-28714HIGHImproper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allowEPSS 0.2%CVE-2023-27391MEDIUMImproper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged usEPSS 0.2%CVE-2026-47907HIGHDreamweaver Desktop | Improper Access Control (CWE-284)EPSS 0.2%CVE-2026-48956MEDIUMJoomla! Core - [20260710] - Incorrect Access Control in com_modulesEPSS 0.2%CVE-2026-46865HIGHVulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Extensibility Framework). SupEPSS 0.2%CVE-2024-32483HIGHImproper access control for some Intel(R) EMA software before version 1.13.1.0 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2025-8762HIGHINSTAR 2K+/4K UART improper physical access controlEPSS 0.2%CVE-2025-65096MEDIUMRomM Insecure Direct Object Reference (IDOR) Allows Unauthorized Access to Private CollectionsEPSS 0.2%