Falhas do tipo CWE-284
4.356 resultadosCVE-2023-37759—Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to regiEPSS 3.6%CVE-2025-14528MEDIUMD-Link DIR-803 Configuration getcfg.php information disclosureEPSS 3.6%CVE-2018-14804—Emerson AMS Device Manager v12.0 to v13.5. A specially crafted script may be run that allows arbitrary remote code execution.EPSS 3.5%CVE-2021-35213HIGHOrion User setting Improper Access Control Privilege Escalation VulnerabilityEPSS 3.4%CVE-2023-31242HIGHAn authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A speciaEPSS 3.4%CVE-2019-3935—Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP EPSS 3.3%CVE-2026-20843HIGHWindows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityEPSS 3.3%CVE-2026-21238HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 3.2%CVE-2025-26645HIGHRemote Desktop Client Remote Code Execution VulnerabilityEPSS 3.2%CVE-2025-59434CRITICALCritical Multi-Tenant Variable Disclosure in Flowise Cloud via Custom JavaScript FunctionEPSS 3.1%CVE-2023-0916MEDIUMSourceCodester Auto Dealer Management System Users.php access controlEPSS 3.1%CVE-2025-24076HIGHMicrosoft Windows Cross Device Service Elevation of Privilege VulnerabilityEPSS 3.0%CVE-2020-7561—A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause EPSS 3.0%CVE-2025-27140CRITICALWeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)EPSS 3.0%CVE-2020-8300—Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from imEPSS 3.0%CVE-2023-29922MEDIUMPowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.EPSS 3.0%CVE-2019-15260CRITICALCisco Aironet Access Points Unauthorized Access VulnerabilityEPSS 3.0%CVE-2019-9884CRITICALeClass platform contains a Broken Access Control vulnerabilityEPSS 3.0%CVE-2020-3144CRITICALCisco RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass VulnerabilityEPSS 2.9%CVE-2022-21291MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions thEPSS 2.8%