Fallos del tipo CWE-284
4356 resultadosCVE-2021-26559—CWE-284 Improper Access Control on Configurations Endpoint for the Stable APIEPSS 2.8%CVE-2018-13816—A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, altEPSS 2.8%CVE-2020-3284HIGHCisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution VulnerabilityEPSS 2.8%CVE-2025-59512HIGHCustomer Experience Improvement Program (CEIP) Elevation of Privilege VulnerabilityEPSS 2.8%CVE-2025-55694HIGHWindows Error Reporting Service Elevation of Privilege VulnerabilityEPSS 2.8%CVE-2022-21305MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions thEPSS 2.8%CVE-2019-5162CRITICALAn exploitable improper access control vulnerability exists in the iw_webs account settings functionality of the Moxa AWK-3131A firmware verEPSS 2.7%CVE-2021-3554CRITICALImproper Access Control vulnerability in the patchesUpdate APIEPSS 2.7%CVE-2022-32800MEDIUMThis issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS MontereEPSS 2.7%CVE-2025-21197MEDIUMWindows NTFS Information Disclosure VulnerabilityEPSS 2.6%CVE-2025-59230HIGHWindows Remote Access Connection Manager Elevation of Privilege VulnerabilityEPSS 2.6%KEVCVE-2025-27738MEDIUMWindows Resilient File System (ReFS) Information Disclosure VulnerabilityEPSS 2.6%CVE-2021-42124—An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to pEPSS 2.6%CVE-2025-26613CRITICALOS Command Injection endpoint 'gerenciar_backup.php' parameter 'file' (RCE) in WeGIAEPSS 2.6%CVE-2025-54098HIGHWindows Hyper-V Elevation of Privilege VulnerabilityEPSS 2.6%CVE-2026-27914HIGHMicrosoft Management Console Elevation of Privilege VulnerabilityEPSS 2.6%CVE-2018-16476—A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to dEPSS 2.6%CVE-2022-26926HIGHWindows Address Book Remote Code Execution VulnerabilityEPSS 2.5%CVE-2019-9531—The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to a port that can run AT commandsEPSS 2.5%CVE-2019-5136HIGHAn exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A firmware version 1.13. A specEPSS 2.5%