Falhas do tipo CWE-276

905 resultados

CVE-2024-20921MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: HotspotEPSS 0.9%CVE-2020-8022HIGHUser-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviligesEPSS 0.9%CVE-2022-29909HIGHDocuments in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the exiEPSS 0.8%CVE-2024-2859MEDIUMBy default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859)EPSS 0.8%CVE-2022-45552—An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive infEPSS 0.8%CVE-2024-34221HIGHSourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation.EPSS 0.8%CVE-2020-12510HIGHBeckhoff: Privilege Escalation through TwinCat SystemEPSS 0.8%CVE-2025-24195CRITICALAn integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS VentEPSS 0.8%CVE-2025-24172CRITICALA permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOEPSS 0.8%CVE-2023-33745—TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from the shell available after an adb connection,EPSS 0.8%CVE-2023-22951HIGHAn issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. This token cEPSS 0.8%CVE-2022-3368HIGHSoftware Updater of Avira Security for Windows vulnerable to Privilege EscalationEPSS 0.8%CVE-2023-31468HIGHAn issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder EPSS 0.8%CVE-2022-42128MEDIUMThe Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which aEPSS 0.8%CVE-2022-42127MEDIUMThe Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permEPSS 0.8%CVE-2023-4664HIGHPrivilage Escalation in Saphira ConnectEPSS 0.8%CVE-2022-1833—A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespaceEPSS 0.8%CVE-2022-4039HIGHRhsso-container-image: unsecured management interface exposed to adjecent networkEPSS 0.8%CVE-2025-24093CRITICALA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS VenturEPSS 0.8%CVE-2020-21514HIGHAn issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default passwEPSS 0.8%

← anteriorpágina 5 / 46próxima →