Fallos del tipo CWE-284
4428 resultadosCVE-2022-33926HIGHDell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulEPSS 0.4%CVE-2023-6733MEDIUMWP-Members Membership Plugin <= 3.4.8 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-25962HIGHDell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low privileged attacker could potentially exploit tEPSS 0.4%CVE-2024-29206LOWAn Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported EPSS 0.4%CVE-2024-28978MEDIUMDell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker coulEPSS 0.4%CVE-2022-3286MEDIUMLack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 alEPSS 0.4%CVE-2025-6873MEDIUMSourceCodester Simple Company Website Users.php unrestricted uploadEPSS 0.4%CVE-2025-6872MEDIUMSourceCodester Simple Company Website SystemSettings.php unrestricted uploadEPSS 0.4%CVE-2022-30564MEDIUMSome Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packeEPSS 0.4%CVE-2025-2686MEDIUMmingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access controlEPSS 0.4%CVE-2025-4067MEDIUMScriptAndTools Online-Travling-System viewpackage.php access controlEPSS 0.4%CVE-2022-23997MEDIUMUnprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows unEPSS 0.4%CVE-2024-45397MEDIUMH2O alllows bypassing address-based access control with 0-RTTEPSS 0.4%CVE-2025-3765MEDIUMSourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted uploadEPSS 0.4%CVE-2022-23996MEDIUMUnprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted appliEPSS 0.4%CVE-2025-56015HIGHIn GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint.EPSS 0.4%CVE-2023-7193MEDIUMMTab Bookmark Installation install.php access controlEPSS 0.4%CVE-2022-23995MEDIUMUnprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted EPSS 0.4%CVE-2025-4064MEDIUMScriptAndTools Online-Travling-System viewenquiry.php access controlEPSS 0.4%CVE-2025-3764MEDIUMSourceCodester Web-based Pharmacy Product Management System edit-product.php unrestricted uploadEPSS 0.4%