Falhas do tipo CWE-284
4.457 resultadosCVE-2023-39259HIGH
Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticateEPSS 0.2%CVE-2022-36442MEDIUMAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install aEPSS 0.2%CVE-2023-39253HIGH
Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticateEPSS 0.2%CVE-2026-11257MEDIUMInappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions EPSS 0.2%CVE-2026-45154LOWNextcloud: Improper Access Control in CollectivesEPSS 0.2%CVE-2025-22844MEDIUMImproper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentialEPSS 0.2%CVE-2026-20259MEDIUMImproper Access Control in Splunk EnterpriseEPSS 0.2%CVE-2023-33875HIGHImproper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenEPSS 0.2%CVE-2023-21465MEDIUMImproper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local filEPSS 0.2%CVE-2023-31100HIGHImproper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification.
This issue affects EPSS 0.2%CVE-2026-33415MEDIUMDiscourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content ExposureEPSS 0.2%CVE-2026-34082MEDIUMDify has IDOR in deleting someone else's chat conversationEPSS 0.2%CVE-2022-30715MEDIUMImproper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.EPSS 0.2%CVE-2023-27303LOWImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2023-38561MEDIUMImproper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalatEPSS 0.2%CVE-2026-3934MEDIUMInsufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin poliEPSS 0.2%CVE-2026-2356MEDIUMUser Registration & Membership <= 5.1.2 - Insecure Direct Object Reference to Unauthenticated Limited User DeletionEPSS 0.2%CVE-2022-2225HIGHZero Trust Secure Web Gateway policies bypass using WARP client subcommandsEPSS 0.2%CVE-2026-28895MEDIUMThe issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4. An attacker with physical access to an iOS deEPSS 0.2%CVE-2025-70997HIGHA vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any useEPSS 0.2%