Fallos del tipo CWE-284
4410 resultadosCVE-2024-22209MEDIUMXBlock custom auth does not respect JWT ScopesEPSS 0.6%CVE-2024-46607HIGHIncorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and pEPSS 0.6%CVE-2022-27673HIGHInsufficient access controls in the AMD Link Android app may potentially result in information disclosure.EPSS 0.6%CVE-2024-12235MEDIUMShenzhen Dashi Tongzhou Information Technology AgileBPM AuthorizationTokenCheckFilter.java doFilter access controlEPSS 0.6%CVE-2022-31024MEDIUMFederated editing allows iframing remote servers by default in richdocumentsEPSS 0.6%CVE-2025-3236MEDIUMTenda FH1202 Web Management Interface VirSerDMZ access controlEPSS 0.6%CVE-2025-28405CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus methodEPSS 0.6%CVE-2025-28412CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeControllerEPSS 0.6%CVE-2025-28411CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSaveEPSS 0.6%CVE-2025-28410CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the cancelAuthUserAll method does not properly validate whetheEPSS 0.6%CVE-2025-28406CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameterEPSS 0.6%CVE-2022-47542HIGHRed Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely for Escalation of Privileges.EPSS 0.6%CVE-2025-28402CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameterEPSS 0.6%CVE-2025-28413CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController componentEPSS 0.6%CVE-2026-40498HIGHFreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cronEPSS 0.6%CVE-2022-4807HIGHImproper Access Control in usememos/memosEPSS 0.6%CVE-2025-28408CRITICALAn issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree method of the /selectDeptTree/{deptId} endpEPSS 0.6%CVE-2022-3186HIGHDataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the dEPSS 0.6%CVE-2023-0858LOWImproper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on theEPSS 0.6%CVE-2025-8226MEDIUMyanyutao0402 ChanCMS find information disclosureEPSS 0.6%