Fallos del tipo CWE-284
4410 resultadosCVE-2023-0858LOWImproper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on theEPSS 0.6%CVE-2025-8226MEDIUMyanyutao0402 ChanCMS find information disclosureEPSS 0.6%CVE-2025-14748MEDIUMNingyuanda TC155 ONVIF Device Management Service device_service access controlEPSS 0.6%CVE-2024-20657HIGHWindows Group Policy Elevation of Privilege VulnerabilityEPSS 0.6%CVE-2024-24486CRITICALAn issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA commaEPSS 0.6%CVE-2022-24038MEDIUMUnauthorized modification in Karmasis Informatics Infraskope SIEM+EPSS 0.6%CVE-2025-14286MEDIUMTenda AC9 Configuration File DownloadCfg.jpg information disclosureEPSS 0.6%CVE-2026-2938MEDIUMSourceCodester Student Result Management System update_smtp.php access controlEPSS 0.6%CVE-2023-47536LOWAn improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProEPSS 0.6%CVE-2025-43413HIGHAn access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, mEPSS 0.6%CVE-2022-3030MEDIUMAn improper access control issue in GitLab CE/EE affecting all versions starting before 15.1.6, all versions from 15.2 before 15.2.4, all veEPSS 0.6%CVE-2024-21666MEDIUMPimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates listEPSS 0.6%CVE-2024-7525CRITICALIt was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response EPSS 0.6%CVE-2025-6161MEDIUMSourceCodester Simple Food Ordering System editproduct.php unrestricted uploadEPSS 0.6%CVE-2021-23178HIGHImproper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows attackers to validate online paymentsEPSS 0.6%CVE-2024-42797CRITICALAn Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. ThiEPSS 0.6%CVE-2024-45135LOWAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.6%CVE-2024-10393MEDIUMTutor LMS <= 2.7.6 - User Registration Setting Bypass to Unauthorized User RegistrationEPSS 0.6%CVE-2024-0551HIGHDownload and export of file via default user roleEPSS 0.6%CVE-2022-32848MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to caEPSS 0.6%