Fallos del tipo CWE-284

4428 resultados
CVE-2026-34390MEDIUMMantisBT: Privilege Escalation from Manager to AdministratorEPSS 0.4%CVE-2025-61777CRITICALFlagForge Allows Unauthenticated Badge Template API AccessEPSS 0.4%CVE-2017-20199LOWButtercup buttercup-browser-extension Vault access controlEPSS 0.4%CVE-2024-43590HIGHVisual C++ Redistributable Installer Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-51384MEDIUMIn ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified EPSS 0.4%CVE-2022-39370MEDIUMImproper access to debug panel in GLPIEPSS 0.4%CVE-2026-47647CRITICALDynamics 365 Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-0224MEDIUMProvision-ISR SH-4050A-2 server.js information disclosureEPSS 0.4%CVE-2024-49049HIGHVisual Studio Code Remote Extension Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-20267MEDIUMA vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restEPSS 0.4%CVE-2021-24688Orange Form <= 1.0.1 - Unauthenticated Arbitrary Post DeletionEPSS 0.4%CVE-2025-11470MEDIUMSourceCodester Hotel and Lodge Management System manage_website.php unrestricted uploadEPSS 0.4%CVE-2024-21195HIGHVulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Supported versions that are affected arEPSS 0.4%CVE-2023-32009HIGHWindows Collaborative Translation Framework Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-27191MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.4%CVE-2025-11853MEDIUMSismics Teedy API Endpoint file access controlEPSS 0.4%CVE-2025-27190MEDIUMAdobe Commerce | Improper Access Control (CWE-284)EPSS 0.4%CVE-2026-46777CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are EPSS 0.4%CVE-2026-46784CRITICALVulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affectedEPSS 0.4%CVE-2024-38273MEDIUMmoodle: BigBlueButton web service leaks meeting joining information to users who should not have accessEPSS 0.4%