Falhas do tipo CWE-1220
85 resultadosCVE-2025-31201CRITICALThis issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18EPSS 12.4%KEVCVE-2026-33825HIGHMicrosoft Defender Elevation of Privilege VulnerabilityEPSS 6.7%KEVCVE-2024-42365HIGHAsterisk allows `Write=originate` as sufficient permissions for code execution / `System()` dialplanEPSS 4.7%CVE-2023-43040MEDIUMIBM Spectrum Fusion HCI improper access controlEPSS 2.5%CVE-2023-33127HIGH.NET and Visual Studio Elevation of Privilege VulnerabilityEPSS 2.0%CVE-2025-4404CRITICALFreeipa: idm: privilege escalation from host to domain admin in freeipaEPSS 1.8%CVE-2025-3648HIGHData Inference in Now Platform via Conditional ACLsEPSS 1.7%CVE-2021-31384HIGHJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the serviceEPSS 1.1%CVE-2024-43604MEDIUMOutlook for Android Elevation of Privilege VulnerabilityEPSS 1.1%CVE-2024-8927HIGHcgi.force_redirect configuration is bypassable due to the environment variable collisionEPSS 1.1%CVE-2023-39418LOWPostgresql: merge fails to enforce update or select row security policiesEPSS 1.0%CVE-2026-40365HIGHMicrosoft SharePoint Server Remote Code Execution VulnerabilityEPSS 1.0%CVE-2022-1177MEDIUMAccounting User Can Download Patient Reports in openemr in openemr/openemrEPSS 0.9%CVE-2022-1461HIGHNon Privilege User can Enable or Disable Registered in openemr/openemrEPSS 0.9%CVE-2023-27591HIGHUnauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metricsEPSS 0.8%CVE-2022-36110HIGHNetmaker vulnerable to Insufficient Granularity of Access ControlEPSS 0.7%CVE-2022-4801HIGHInsufficient Granularity of Access Control in usememos/memosEPSS 0.7%CVE-2024-26246LOWMicrosoft Edge (Chromium-based) Security Feature Bypass VulnerabilityEPSS 0.6%CVE-2024-29200MEDIUMAPI returns timesheet entries a user should not be authorized to viewEPSS 0.6%CVE-2022-2475CRITICALHaas Controller version 100.20.000.1110 has insufficient granularity of access control when using the "Ethernet Q Commands" service. Any useEPSS 0.6%