Weaknesses of type CWE-284

4,448 results
CVE-2026-46911CRITICALVulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards (component: Job Costing). The supported versionEPSS 0.3%CVE-2026-46871MEDIUMVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code). The supported version that is affected is 2026.2.EPSS 0.3%CVE-2025-24236MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app mEPSS 0.3%CVE-2025-70614HIGHOpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panelEPSS 0.3%CVE-2026-34306MEDIUMVulnerability in the PeopleSoft Enterprise FIN Project Costing product of Oracle PeopleSoft (component: Projects). The supported version tEPSS 0.3%CVE-2026-46818HIGHVulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affecteEPSS 0.3%CVE-2026-34301MEDIUMVulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). TheEPSS 0.3%CVE-2025-53360MEDIUMpluginsGLPI's Database Inventory Plugin allows any authenticated user to send agent requestsEPSS 0.3%CVE-2026-34291HIGHVulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.EPSS 0.3%CVE-2026-34299MEDIUMVulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). TheEPSS 0.3%CVE-2025-61879HIGHIn Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.EPSS 0.3%CVE-2024-7553HIGHAccessing Untrusted Directory May Allow Local Privilege EscalationEPSS 0.3%CVE-2026-24896MEDIUMOpenEMR has Broken Access Control that allows unauthorized access to EDI LogsEPSS 0.3%CVE-2026-1079MEDIUMA native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension.EPSS 0.3%CVE-2024-31320HIGHIn setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation dEPSS 0.3%CVE-2022-28542MEDIUMImproper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content proviEPSS 0.3%CVE-2025-15404MEDIUMcampcodes School File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2024-27819LOWThe issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker withEPSS 0.3%CVE-2026-8026MEDIUMFlowiseAI Flowise API Response account.service.ts login information disclosureEPSS 0.3%CVE-2024-34152MEDIUMPlaybook Run Metadata leak to GuestEPSS 0.3%