Falhas do tipo CWE-284
4.460 resultadosCVE-2023-27301MEDIUMImproper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentEPSS 0.2%CVE-2026-20203MEDIUMImproper Access Control in Data Model Acceleration in Splunk EnterpriseEPSS 0.2%CVE-2026-22019MEDIUMVulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft (component: Person Search). The supported veEPSS 0.2%CVE-2026-9789HIGHNitroSense V3: Security Vulnerability InformationEPSS 0.2%CVE-2023-32609MEDIUMImproper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enaEPSS 0.2%CVE-2026-35232MEDIUMVulnerability in Oracle Fusion Middleware (component: Dynamic Monitoring Service). Supported versions that are affected are 12.2.1.4.0 and EPSS 0.2%CVE-2026-9223MEDIUMMissing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user EPSS 0.2%CVE-2026-34307MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Workflow). Supported versions that are affeEPSS 0.2%CVE-2025-47792MEDIUMNextcloud Desktop 3rdparty applications can create share links via socket APIEPSS 0.2%CVE-2023-21491HIGHImproper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with sEPSS 0.2%CVE-2026-46848HIGHVulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 14.EPSS 0.2%CVE-2026-11187MEDIUMInappropriate implementation in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions viaEPSS 0.2%CVE-2025-43351MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protecEPSS 0.2%CVE-2025-43518LOWA logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3EPSS 0.2%CVE-2023-21493MEDIUMImproper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected datEPSS 0.2%CVE-2023-21495MEDIUMImproper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device EPSS 0.2%CVE-2023-21442MEDIUMImproper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) EPSS 0.2%CVE-2026-28218MEDIUMDiscourse's Fail-Open Access Control in Data Explorer Plugin Allows Unauthorized SQL Query ExecutionEPSS 0.2%CVE-2023-42969LOWAn app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOEPSS 0.2%CVE-2023-22618HIGHIf Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative EPSS 0.2%