Falhas do tipo CWE-276
905 resultadosCVE-2021-41166MEDIUMPermission bypass in Nextcloud Android AppEPSS 0.9%CVE-2025-30465CRITICALA permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, EPSS 0.9%CVE-2023-43496HIGHJenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions fEPSS 0.9%CVE-2022-20465MEDIUMIn dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic EPSS 0.9%CVE-2023-29732CRITICALSoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The aEPSS 0.9%CVE-2025-24207CRITICALA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS VenturEPSS 0.9%CVE-2023-32407—A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 anEPSS 0.9%CVE-2023-31462—An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users onEPSS 0.9%CVE-2024-20671MEDIUMMicrosoft Defender Security Feature Bypass VulnerabilityEPSS 0.9%CVE-2017-3210—Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code executionEPSS 0.9%CVE-2024-21012LOWVulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: NetworkEPSS 0.9%CVE-2022-41943CRITICALIncorrect default permissions found in SourcegraphEPSS 0.9%CVE-2023-33291HIGHIn ebankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any e-maiEPSS 0.9%CVE-2020-13534CRITICALA privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID), installed by Dream Report 5 20-2, refereEPSS 0.9%CVE-2025-29801HIGHMicrosoft AutoUpdate (MAU) Elevation of Privilege VulnerabilityEPSS 0.9%CVE-2023-6302MEDIUMCSZCMS File Manager Page templates permissionEPSS 0.9%CVE-2021-34182CRITICALAn issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions.EPSS 0.9%CVE-2021-40397HIGHA privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be repEPSS 0.9%CVE-2023-42501MEDIUMApache Superset: Unnecessary read permissions within the Gamma roleEPSS 0.9%CVE-2023-43902—Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows unauthenticated attackers to access accounts of all EPSS 0.9%