Falhas do tipo CWE-284
4.460 resultadosCVE-2023-21495MEDIUMImproper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device EPSS 0.2%CVE-2023-42969LOWAn app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOEPSS 0.2%CVE-2026-56823MEDIUMAutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration and Cross-User Ping TriggeringEPSS 0.1%CVE-2025-46307MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user dEPSS 0.1%CVE-2024-6364MEDIUMServer Identity Validation Bypass in Absolute Persistence®EPSS 0.1%CVE-2026-35067MEDIUMDell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjEPSS 0.1%CVE-2025-25225MEDIUMExtension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for JoomlaEPSS 0.1%CVE-2026-46768MEDIUMVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.1%CVE-2025-1390MEDIUMpam_cap: Fix potential configuration parsing errorEPSS 0.1%CVE-2025-50777HIGHThe firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerabEPSS 0.1%CVE-2024-27200MEDIUMImproper access control in some Intel(R) Granulate(TM) software before version 4.30.1 may allow a authenticated user to potentially enable eEPSS 0.1%CVE-2024-39580MEDIUMDell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with locaEPSS 0.1%CVE-2023-21463MEDIUMImproper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.0EPSS 0.1%CVE-2025-1865HIGHLocal Privilege Escalation in Virtual CloneDrive Kernel DriverEPSS 0.1%CVE-2023-21447MEDIUMImproper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with SamsungEPSS 0.1%CVE-2026-14003MEDIUMInsufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a EPSS 0.1%CVE-2025-21105MEDIUMDell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access cEPSS 0.1%CVE-2025-46282MEDIUMThe issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to acceEPSS 0.1%CVE-2024-39285MEDIUMImproper access control in UEFI firmware in some Intel(R) Server M20NTP Family may allow a privileged user to potentially enable informationEPSS 0.1%CVE-2026-44783MEDIUMDiscourse: Replying to a whisper lets non-whisperers create staff-only whisper postsEPSS 0.1%