Fallos del tipo CWE-284

4410 resultados
CVE-2022-29417MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerabilityEPSS 0.6%CVE-2023-51661HIGHFilesystem sandbox not enforced in wasmer-cliEPSS 0.6%CVE-2025-46566MEDIUMDataease redshift JDBC Connection Remote Code ExecutionEPSS 0.6%CVE-2024-13110MEDIUMBeijing Yunfan Internet Technology Yunfan Learning Examination System Exam Answer PaperController.java, information disclosureEPSS 0.6%CVE-2023-21893HIGHVulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 2EPSS 0.6%CVE-2026-21535HIGHMicrosoft Teams Information Disclosure VulnerabilityEPSS 0.6%CVE-2020-10143HIGHMacrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged seEPSS 0.6%CVE-2023-1432HIGHSourceCodester Online Food Ordering System POST Request access controlEPSS 0.6%CVE-2023-21923HIGHVulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions thaEPSS 0.6%CVE-2022-41677MEDIUMAn information disclosure vulnerability was discovered in Bosch IP camera devices allowing an unauthenticated attacker to retrieve informatiEPSS 0.6%CVE-2023-41721CRITICALInstances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement deEPSS 0.6%CVE-2024-45124MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.6%CVE-2024-21667MEDIUMPimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extractsEPSS 0.6%CVE-2025-30695MEDIUMVulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0EPSS 0.6%CVE-2022-31055HIGHImproper Access Control in kctfEPSS 0.6%CVE-2024-22202MEDIUMUser Removal Page Allows Spoofing Of User DetailsEPSS 0.6%CVE-2025-58752LOWVite's `server.fs` settings were not applied to HTML filesEPSS 0.6%CVE-2021-37864LOWUsers can view the contents of an archived channel when access is explicitly denied by the system adminEPSS 0.6%CVE-2024-11211MEDIUMEyouCMS Website Logo unrestricted uploadEPSS 0.6%CVE-2021-42360HIGHStarter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSSEPSS 0.6%