Fallos del tipo CWE-284
4409 resultadosCVE-2023-33946LOWThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in differenEPSS 0.6%CVE-2025-0206MEDIUMcode-projects Online Shoe Store index.php access controlEPSS 0.6%CVE-2025-24272MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app mEPSS 0.6%CVE-2023-33947LOWThe Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virEPSS 0.6%CVE-2022-4684HIGHImproper Access Control in usememos/memosEPSS 0.6%CVE-2025-53763CRITICALAzure Databricks Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2022-4567HIGHImproper Access Control in openemr/openemrEPSS 0.6%CVE-2022-23433MEDIUMImproper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08EPSS 0.6%CVE-2025-46816CRITICALgoshs route not protected, allows command executionEPSS 0.6%CVE-2023-21860MEDIUMVulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations). Supported versions that are affected EPSS 0.6%CVE-2024-42967CRITICALIncorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains thEPSS 0.6%CVE-2023-27088HIGHfeiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform EPSS 0.6%CVE-2022-44212MEDIUMIn GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.EPSS 0.6%CVE-2022-4708MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions ModificationEPSS 0.6%CVE-2022-4709MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Kit ImportEPSS 0.6%CVE-2022-2630MEDIUMAn improper access control issue in GitLab CE/EE affecting all versions starting from 15.2 before 15.2.4, all versions from 15.3 before 15.3EPSS 0.6%CVE-2024-46432HIGHTenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. An attacker can send a specially crafted HTTP POST request to the setEPSS 0.6%CVE-2024-50945HIGHAn improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submiEPSS 0.6%CVE-2022-4705MEDIUMRoyal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template ActivationEPSS 0.6%CVE-2025-2992MEDIUMTenda FH1202 Web Management Interface AdvSetWrlsafeset access controlEPSS 0.6%