Falhas do tipo CWE-284
4.453 resultadosCVE-2026-43652HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protecEPSS 0.2%CVE-2025-24314LOWImproper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an infoEPSS 0.2%CVE-2025-67796HIGHIKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as otherEPSS 0.2%CVE-2025-15084LOWyoulaitech youlai-mall Order Payment OrderController.java orderService.payOrder access controlEPSS 0.2%CVE-2025-43980MEDIUMAn issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/EPSS 0.2%CVE-2026-5228HIGHImproper Access Control in Kurt Software Studio's WriteUp Mobile AppEPSS 0.2%CVE-2022-32902MEDIUMA logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7EPSS 0.2%CVE-2022-32783MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app may gain unauthorized access to BluetooEPSS 0.2%CVE-2024-43813MEDIUMIDOR when marking read a user's channelEPSS 0.2%CVE-2025-31187MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7EPSS 0.2%CVE-2021-1231MEDIUMCisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service VulnerabilityEPSS 0.2%CVE-2025-50081LOWVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.EPSS 0.2%CVE-2026-21694MEDIUMTitra APIs have Improper Access ControlEPSS 0.2%CVE-2025-43712LOWJHipster before v.8.9.0 allows privilege escalation via a modified authorities parameter. Upon registering in the JHipster portal and logginEPSS 0.2%CVE-2025-20223MEDIUMA vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data iEPSS 0.2%CVE-2026-3198MEDIUMImproper Access Control in mlflow/mlflowEPSS 0.2%CVE-2024-29215MEDIUMSlash commands run in channel without channel membership via playbook task commandsEPSS 0.2%CVE-2024-43377MEDIUMUmbraco CMS Improper Access Control vulnerabilityEPSS 0.2%CVE-2026-33726MEDIUMCilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node trafficEPSS 0.2%CVE-2025-69727MEDIUMAn Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8. The affected components (index.js and composeEPSS 0.2%