Weaknesses of type CWE-284

4,444 results
CVE-2020-2025HIGHKata Containers - Cloud Hypervisor guests persist filesystem changes to the underlying host image fileEPSS 0.3%CVE-2025-10480MEDIUMSourceCodester Online Student File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2026-58286HIGHMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.3%CVE-2024-37317MEDIUMNextcloud Notes app can be tricked into using a received share created before the user logged inEPSS 0.3%CVE-2023-28443MEDIUMdirectus vulnerable to Insertion of Sensitive Information into Log FileEPSS 0.3%CVE-2024-39772LOWSilent Desktop Screenshot CaptureEPSS 0.3%CVE-2026-50886CRITICALIncorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via aEPSS 0.3%CVE-2026-43713MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS TaEPSS 0.3%CVE-2026-58282HIGHMicrosoft Edge (Chromium-based) Spoofing VulnerabilityEPSS 0.3%CVE-2026-46935HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Internal Operations). SEPSS 0.3%CVE-2024-13430MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Authenticated (Contributor+) Private Post Disclosure in pagelayer_builder_posts_shortcodeEPSS 0.3%CVE-2026-30926HIGHSiYuan Note publish service authorization bypass allows low-privilege users to modify notebook contentEPSS 0.3%CVE-2025-7413MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2026-46915HIGHVulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite (component: Production). Supported EPSS 0.3%CVE-2026-46957HIGHVulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Internal Operations). Supported versions that aEPSS 0.3%CVE-2026-5003MEDIUMPromtEngineer localGPT Web api_server.py handle_index information disclosureEPSS 0.3%CVE-2026-10255MEDIUMSourceCodester Pharmacy Sales and Inventory System ShowForm.php sell_statement access controlEPSS 0.3%CVE-2025-6667MEDIUMcode-projects Car Rental System add_cars.php unrestricted uploadEPSS 0.3%CVE-2024-13457MEDIUMEvent Tickets <= 5.18.1 - Insecure Direct Object Reference to Sensitive Information ExposureEPSS 0.3%CVE-2026-46870HIGHVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code). The supported version that is affected is 2026.2.EPSS 0.3%