Falhas do tipo CWE-281
210 resultadosCVE-2024-46622CRITICALAn Escalation of Privilege security vulnerability was found in SecureAge Security Suite software 7.0.x before 7.0.38, 7.1.x before 7.1.11, 8EPSS 0.6%CVE-2023-6239MEDIUMIncorrect calculation of effective permissionsEPSS 0.6%CVE-2023-25817LOWDelete permissions are not saved when creating public share in Nextcloud serverEPSS 0.6%CVE-2021-3414—A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and maEPSS 0.6%CVE-2022-24428MEDIUMDell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A reEPSS 0.6%CVE-2024-28152MEDIUMIn Jenkins Bitbucket Branch Source Plugin 866.vdea_7dcd3008e and earlier, except 848.850.v6a_a_2a_234a_c81, when discovering pull requests fEPSS 0.6%CVE-2024-44149HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protecEPSS 0.6%CVE-2023-41939HIGHJenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users fEPSS 0.6%CVE-2024-4768MEDIUMA bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulneEPSS 0.5%CVE-2024-57439MEDIUMAn issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service (DoS) by duplicEPSS 0.5%CVE-2023-49932MEDIUMAn issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions.EPSS 0.5%CVE-2022-47547MEDIUMGossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though itEPSS 0.5%CVE-2024-32020LOWCloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at willEPSS 0.5%CVE-2024-22404MEDIUMPermissions bypass in Nextcloud with the files zip appEPSS 0.5%CVE-2024-22402MEDIUMImproper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlistEPSS 0.5%CVE-2024-53355HIGHMultiple incorrect access control issues in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers, with low EPSS 0.5%CVE-2024-54557HIGHA logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2EPSS 0.5%CVE-2024-27795HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to aEPSS 0.5%CVE-2022-41708MEDIUMRelatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of EPSS 0.5%CVE-2024-54818HIGHSourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list.EPSS 0.5%