Fallos del tipo CWE-284

4457 resultados
CVE-2026-3939MEDIUMInsufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions vEPSS 0.1%CVE-2026-22628MEDIUMAn improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute systEPSS 0.1%CVE-2026-21711MEDIUMA flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket (UDS) server operations without the required permission cheEPSS 0.1%CVE-2025-24840LOWImproper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unautheEPSS 0.1%CVE-2023-21488MEDIUMImproper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.EPSS 0.1%CVE-2026-14614MEDIUMKeycloak-services: keycloak-services: fgap v2 client scope assignment bypass via clientresourceEPSS 0.1%CVE-2023-43626HIGHImproper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilEPSS 0.1%CVE-2024-9576HIGHImproper access control in Linux Workbooth DistroEPSS 0.1%CVE-2023-31020MEDIUMCVEEPSS 0.1%CVE-2026-20638MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensionsEPSS 0.1%CVE-2023-32544HIGHImproper access control in some Intel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers before version 1.EPSS 0.1%CVE-2023-27509MEDIUMImproper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enablEPSS 0.1%CVE-2023-43489MEDIUMImproper access control for some Intel(R) CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denialEPSS 0.1%CVE-2025-0980MEDIUMJSON RPC authentication bypass in Nokia SR LinuxEPSS 0.1%CVE-2025-14095MEDIUMPrivilege boundary violation in Radiometer ProductsEPSS 0.1%CVE-2025-61973HIGHA local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user EPSS 0.1%CVE-2025-69634CRITICALCross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field EPSS 0.1%CVE-2026-4105MEDIUMSystemd: systemd: privilege escalation via improper access control in registermachine d-bus methodEPSS 0.1%CVE-2026-41999MEDIUMIncorrect Behaviour of Views with TCP PROXY RequestsEPSS 0.1%CVE-2022-21950MEDIUMcanna: unsafe handling of /tmp/.iroha_unix directoryEPSS 0.1%