Falhas do tipo CWE-284
4.457 resultadosCVE-2026-9590MEDIUMImproper access control in the permission validation component in Devolutions Server 2026.1.19 and earlier allows an authenticated user withEPSS 0.2%CVE-2025-43407HIGHThis issue was addressed with improved entitlements. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS SeEPSS 0.2%CVE-2023-40161MEDIUMImproper access control in some Intel Unite(R) Client software before version 4.2.35041 may allow an authenticated user to potentially enablEPSS 0.2%CVE-2023-22848MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2025-43371HIGHThis issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.EPSS 0.2%CVE-2023-37194MEDIUMA vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATEPSS 0.2%CVE-2025-31270MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protecteEPSS 0.2%CVE-2025-61762MEDIUMVulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is EPSS 0.2%CVE-2022-36374HIGHImproper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privilEPSS 0.2%CVE-2026-46842MEDIUMVulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vuEPSS 0.2%CVE-2026-3932MEDIUMInsufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation resEPSS 0.2%CVE-2025-43325MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensEPSS 0.2%CVE-2026-35066HIGHDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with remEPSS 0.2%CVE-2025-43208MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive EPSS 0.2%CVE-2025-43207MEDIUMThis issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive dataEPSS 0.2%CVE-2023-24481MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-29197MEDIUMIn versions <8.4.0, <8.3.2, <8.2.2, <8.1.3, <8.0.4, <7.13.6, <7.12.7, <7.11.7, and <7.10.10, the endpoints /api/apps/logs and /api/apps/:id/EPSS 0.2%CVE-2026-8566MEDIUMInsufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretiEPSS 0.2%CVE-2023-43089MEDIUM
Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user cEPSS 0.2%CVE-2025-65841MEDIUMAquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.EPSS 0.2%