Falhas do tipo CWE-284

4.409 resultados
CVE-2021-1477MEDIUMCisco Firepower Management Center Software Policy VulnerabilityEPSS 0.7%CVE-2024-6221MEDIUMImproper Access Control in corydolphin/flask-corsEPSS 0.7%CVE-2022-46354MEDIUMA vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALAEPSS 0.7%CVE-2022-28761MEDIUMZoom On-Premise Deployments: Improper Access ControlEPSS 0.7%CVE-2020-3329MEDIUMCisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control VulnerabilityEPSS 0.7%CVE-2022-31257A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (AllEPSS 0.7%CVE-2026-33062HIGHfree5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list ParameterEPSS 0.7%CVE-2019-11896MEDIUMIncorrect pviilege assignment in the 3rd party pairing mechanism of the Bosch Smart Home Controller (SHC)EPSS 0.7%CVE-2024-0377MEDIUMLifterLMS – WordPress LMS Plugin for eLearning <= 7.5.1 - Missing Authorization via process_reviewEPSS 0.7%CVE-2022-44932HIGHAn access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.EPSS 0.7%CVE-2022-23241HIGHClustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allEPSS 0.7%CVE-2024-22067MEDIUMZTE NH8091 product has an improper permission control vulnerabilityEPSS 0.7%CVE-2020-9754NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.EPSS 0.7%CVE-2024-12951MEDIUM1000 Projects Portfolio Management System MCA add_personal_details.php unrestricted uploadEPSS 0.7%CVE-2023-3271HIGHImproper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and downlEPSS 0.7%CVE-2023-29513MEDIUMUsers can be created even when registration is disabled without validation via the template macro in xwiki-platformEPSS 0.7%CVE-2024-56883HIGHSage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced onEPSS 0.7%CVE-2023-48303LOWNextcloud Server admins can change authentication details of user configured external storageEPSS 0.7%CVE-2022-0273MEDIUMImproper Access Control in janeczku/calibre-webEPSS 0.7%CVE-2023-39743lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.EPSS 0.7%