CWE-276 vulnerabilities
905 results

| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2023-37572 | HIGH | Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permission | 0.6% |
| CVE-2025-27154 | HIGH | Spotipy's cache file, containing spotify auth token, is created with overly broad permissions | 0.6% |
| CVE-2020-13539 | CRITICAL | An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install dire | 0.6% |
| CVE-2024-51162 | HIGH | An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it | 0.6% |
| CVE-2022-22518 | MEDIUM | A bug in the CODESYS V3 CmpUserMgr component fails to correctly apply a security policy. | 0.6% |
| CVE-2021-36397 | MEDIUM | In Moodle, insufficient capability checks meant message deletions were not limited to the current user. | 0.6% |
| CVE-2024-55225 | CRITICAL | An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrator | 0.6% |
| CVE-2024-52551 | HIGH | Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to rest | 0.6% |
| CVE-2022-41572 | CRITICAL | An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be ru | 0.6% |
| CVE-2021-3948 | — | An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker | 0.6% |
| CVE-2022-36803 | HIGH | The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows an authenticated attacker with the People role permissi | 0.6% |
| CVE-2019-3870 | MEDIUM | A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD D | 0.6% |
| CVE-2024-11089 | MEDIUM | Anonymous Restricted Content <= 1.6.5 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | 0.6% |
| CVE-2020-13554 | HIGH | An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation | 0.5% |
| CVE-2024-31442 | HIGH | Redon-Hub has incorrect permissions on all admin related commands | 0.5% |
| CVE-2020-13536 | CRITICAL | An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depen | 0.5% |
| CVE-2022-2366 | MEDIUM | Incorrect defaults can cause attackers to bypass rate limitations | 0.5% |
| CVE-2025-57625 | HIGH | CYRISMA Sensor before 444 for Windows has an Insecure Folder and File Permissions vulnerability. A low-privileged user can abuse these issue | 0.5% |
| CVE-2024-54747 | CRITICAL | WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root | 0.5% |
| CVE-2024-54745 | CRITICAL | WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in | 0.5% |