Weaknesses of type CWE-284

4,434 results
CVE-2026-46802CRITICALVulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that aEPSS 0.4%CVE-2026-35280CRITICALVulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versionsEPSS 0.4%CVE-2026-12203MEDIUMHKUDS AI-Trader Research Export agents.csv information disclosureEPSS 0.4%CVE-2026-35282CRITICALVulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versionsEPSS 0.4%CVE-2026-46782CRITICALVulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware (component: Client Bundle). Supported versionsEPSS 0.4%CVE-2026-8028MEDIUMFlowiseAI Flowise Endpoint account.service.ts verify information disclosureEPSS 0.4%CVE-2026-23899HIGHJoomla! Core - [20260306] - Improper access check in webservice endpointsEPSS 0.4%CVE-2025-70986HIGHIncorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive departmentEPSS 0.4%CVE-2025-2687MEDIUMPHPGurukul eLearning System Image index.php unrestricted uploadEPSS 0.4%CVE-2024-22407MEDIUMBroken Access Control order API in ShopwareEPSS 0.4%CVE-2017-20066MEDIUMAdminer Login access controlEPSS 0.4%CVE-2025-7898MEDIUMCodecanyon iDentSoft Account Setting Page updateSetting unrestricted uploadEPSS 0.4%CVE-2023-41882MEDIUMvantage6 Improper Access Control vulnerabilityEPSS 0.4%CVE-2026-2894MEDIUMfunadmin forget.html getMember information disclosureEPSS 0.4%CVE-2025-28371MEDIUMEnGenius ENH500 AP 2T2R V3.0 FW3.7.22 is vulnerable to Incorrect Access Control via the password change function. The device fails to validaEPSS 0.4%CVE-2025-30127CRITICALAn issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, thEPSS 0.4%CVE-2025-0399MEDIUMStarSea99 starsea-mall uploadController.java UploadController unrestricted uploadEPSS 0.4%CVE-2023-37234HIGHLoftware Spectrum through 4.6 has unprotected JMX Registry.EPSS 0.4%CVE-2025-8519MEDIUMgivanz Vvveb Drag-and-Drop Editor editor information disclosureEPSS 0.4%CVE-2023-44118Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and confEPSS 0.4%