CWE-284 vulnerabilities

4410 results
CVE-2025-48986 | HIGH | Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a logged-in attacker to change other users' email addre | EPSS 0.6%
CVE-2020-15079 | MEDIUM | Improper access control in PrestaShop | EPSS 0.6%
CVE-2025-29515 | CRITICAL | Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modi | EPSS 0.6%
CVE-2022-2578 | MEDIUM | SourceCodester Garage Management System createUser.php access control | EPSS 0.6%
CVE-2021-46304 | MEDIUM | A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (Al | EPSS 0.6%
CVE-2022-41235 | MEDIUM | Jenkins WildFly Deployer Plugin 1.0.2 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkin | EPSS 0.6%
CVE-2022-28758 | HIGH | Zoom On-Premise Deployments: Improper Access Control | EPSS 0.6%
CVE-2025-63218 | CRITICAL | The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing au | EPSS 0.6%
CVE-2024-21076 | HIGH | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Offer LOV). Supported versions that are affecte | EPSS 0.6%
CVE-2022-24309 | MEDIUM | A vulnerability has been identified in Mendix Runtime V7 (All versions < V7.23.29), Mendix Runtime V8 (All versions < V8.18.16), Mendix Runt | EPSS 0.6%
CVE-2024-1088 | MEDIUM | Password Protected Store for WooCommerce <= 2.2 - Information Exposure via REST API | EPSS 0.6%
CVE-2025-55244 | CRITICAL | Azure Bot Service Elevation of Privilege Vulnerability | EPSS 0.6%
CVE-2026-31272 | CRITICAL | MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java | EPSS 0.6%
CVE-2023-26205 | HIGH | An improper access control vulnerability [CWE-284] in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6 | EPSS 0.6%
CVE-2024-0366 | MEDIUM | Starbox – the Author Box for Humans <= 3.4.7 - Insecure Direct Object Reference | EPSS 0.6%
CVE-2024-3270 | LOW | ThingsBoard AdvancedFeature access control | EPSS 0.6%
CVE-2025-3040 | MEDIUM | Project Worlds Online Time Table Generator add_student.php unrestricted upload | EPSS 0.6%
CVE-2026-34381 | HIGH | Admidio: Unauthenticated Access to Role-Restricted documents via neutralized .htaccess | EPSS 0.6%
CVE-2025-0802 | MEDIUM | SourceCodester Best Employee Management System Administrative Endpoint View_user.php access control | EPSS 0.6%
CVE-2024-22209 | MEDIUM | XBlock custom auth does not respect JWT Scopes | EPSS 0.6%